IT Security Manager Glasgow - Clydebank

16th Aug 2024

The IT Security Manager is a hands-on management position with excellent knowledge of the technologies in use by the IT Security team required to Coach, mentor and train other team members as well as to define process, policy and working practices. Ensuring that Company agreed standards both locally and globally are implemented and compliant with legislative and industry standards. Ensuring that all infosec incidents are managed and recorded in line with company agreed standards both locally and globally to ensure compliance with legislation. Ensuring that the Information Security team completes any training that they have been given by offering guidance and mentoring. Member of the IT Management team.

Key Responsibilities

Manage all aspects of the day to day operations of the IT Security team. Ensure deadlines are managed and met for all IT Security projects Responsible for providing IT Security input into IT strategy and subsequent projects to implement strategy. Responsible for IT security strategy Responsible for IT security incident response, investigation, reporting and forensics. Assess system security and recommend improvements Ensure data is handled, transferred or processed according to legal and company guidelines Control costs and budgets regarding IT security Work with IT Management Team to manage contracts with vendors and software licenses Develop IT security policies and practices with the Group head of Business Systems Ensure training and personal development plans of IT Security team are created and followed Evaluate team performance against targets and KPI’s and report monthly to Group Head of Business Systems Manage team resourcing and development to ensure sufficient capacity to support business needs Collaborate with colleagues and the wider security community to keep up to date with relevant practices and policies Understand, implement and monitor security systems (vulnerability scanning, boundary protection, intrusion detection, antivirus, logfile analysis etc.). Investigate and document security breaches, other cyber security incidents and assess the damage they cause. Regular reporting against risks identified infosec tools and mitigation actions/projects. Fix detected vulnerabilities to maintain a high-security standard. Stay up-to-date on information technology trends and security standards. Research security enhancements and make recommendations to management Perform penetration testing with 3rd parties or internally. Help colleagues and the wider business understand information security management. Supporting the business in the delivery and release of secure applications Participate in IT Security audits both representing NMG as the audited party and performing IT Security Audits of other business units and 3rd parties.

Candidate Criteria

Essential

Extensive experience working within IT Security, particularly within a Globally distributed IT environment Experience with system installation, configuration and analysis Thorough knowledge of networks and cloud computing Knowledge of data protection operations and legislation (e.g. GDPR) Outstanding communication skills Be able to identify gaps in the teams knowledge and implement plans to close them. Knowledge of project management methodologies and frameworks. Excellent Team leadership skills Excellent people management skills Excellent communication and interpersonal skills Problem solving Experience Coaching and mentoring an IT Security team. Must be comfortable multitasking with ability to work on and prioritise several tasks at once Experience with ISO 27001. Audit experience.