IT & Cyber Security Manager, Working with skilled teams across the business, focusing on initiatives and opportunities, using cloud & on prem technologies and modern security practices.
As the Security Manager, you will liaise with security incident response experts, keep up to date with industry changes, and work directly with the infrastructure and development teams to ensure that their systems are appropriately secure, compliant, and resilient across over 20 UK Locations. You will also work to continuously educate people across the business in security matters and threats.
Key responsibilities & accountabilities:
Accountability for creating and maintaining standards and their implementation
Work with stakeholders and staff to nurture a culture where security is always in mind and seen as a critical part of everyone's responsibility
Creation of training materials and assisting with the continual upskilling of the whole company in relation to security matters relevant to their roles
Provide day to day advice in security matters across the business
Carry out business impact analysis activities relating to new changes and capabilities
Working with SOC to ensure that their incident detection models and alert response processes are kept appropriate and up to date
Coordinating with MSP's for the scoping and execution of vulnerability scanning and penetration testingSkills & Ability:
Exposure to environments where infrastructure management is heavily automated (Infrastructure as Code)
Experience working with suppliers (licensing etc.) to negotiate and manage the services they provide
Could have Construction industry experience
Preferably educated to degree standard or with other relevant certifications (e.g. CISSP, CISA, CISM).Knowledge & Experience
Experience defining and implementing IT security policies within a UK wide services organisation and with a demonstrable understanding of associated risk management
Knowledge of security in a cloud hosted environment, especially using cloud native technologies in Azure
Azure, Active Directory, Intune, Endpoint, Mvision, Group Policy, Sophos Knowledge
Ability to Define NW Security policy and Protocols, SIP/VOIP/4G/5G
Knowledge of secure development practices and relevant tooling
Experience training others in security matters at all levels
Great communication skills and the ability to influence others
Experience running security testing processes such as tabletop exercises, phishing campaigns etc.
Cynomi, Sophos, FortiGate, MVision, Active Directory, Endpoint, Intune, WMWare, Hyper-V, SIP/VOIP, ISO/IEC 27001 , On Prem and Cloud (Azure), Sharepoint, PowerBI, HP Switching, Zyxwl/Draytech Routing, VLans, IPSEC, VPN
