Security Manager

About Us
Bromcom is a leading software development company delivering an industry leading Cloud based MIS solution into the Education market for the UK. We are committed to delivering innovative and secure solutions to our clients. We prioritise the safety and security of our digital assets, data, and infrastructure. We are looking for a skilled and experienced Security Manager to lead our security initiatives and protect our organisation from potential threats.
Position Summary
The Security Manager will oversee the organisation's security infrastructure, maintain existing but develop and enforce any required new security policies, and respond to security incidents. This role is critical in ensuring the confidentiality, integrity, and availability of our systems and data. The ideal candidate will have a strong technical background, excellent problem-solving skills, a proactive approach to risk management and demonstrable relevant past experience.
Key Responsibilities:

• Security Strategy and Planning:
  
  • Develop and implement a comprehensive security strategy aligned with business goals.
    
  • Conduct regular risk assessments and recommend mitigation strategies.
    
• Policy Development and Compliance:
  
  • Establish and enforce security policies, procedures, and best practices.
    
  • Ensure continued compliance with industry standards, regulations, and certifications (e.g., ISO 27001, GDPR, SOC 2).
    
• Incident Response and Management:
  
  • Maintain and where needed develop incident response plans.
    
  • Lead investigations and response efforts for security incidents and breaches.
    
• Technology and Infrastructure Oversight:
  
  • Oversee the design, implementation, and maintenance of security tools and technologies in Microsoft Windows network and Azure environment (e.g., firewalls, IDS/IPS, endpoint security).
    
  • Collaborate with IT teams to secure networks, systems, and applications.
    
• Training and Awareness:
  
  • Provide input to and improve security training and awareness programs for employees.
    
  • Promote a security-first culture within the organisation.
    
• Collaboration:
  
  • Work closely with our CTO, IT Dept, and compliance teams to embed security in the software development lifecycle (DevSecOps).
    
  • Liaise with external partners, vendors, and auditors on security-related matters.
    Required Qualifications:
    
• Bachelor’s degree in Computer Science, Information Technology, or a related field.
  
• 
  Azure knowledge desirable
  
• 5+ years of experience in information security or a related role, with at least 2 years in a managerial capacity.
  
• Strong knowledge of cybersecurity frameworks, standards, and best practices.
  
• Proficiency with security technologies and tools (e.g., SIEM, vulnerability scanners, encryption tools).
  
• Hands-on experience with incident response, penetration testing, and threat analysis.
  
• Familiarity with secure software development practices and DevSecOps principles.
  
• Certifications such as CISSP, CISM, CEH, or equivalent are strongly preferred.
  Key Skills:
  
• Strong analytical and problem-solving skills.
  
• Excellent communication and leadership abilities.
  
• Ability to work under pressure and handle multiple priorities.
  
• Attention to detail and a proactive approach to identifying and mitigating risks.
  What We Offer:
  Competitive salary and benefits package.
  Professional development opportunities, including training and certifications.
  A collaborative and innovative work environment.
  The chance to work on impactful projects in a growing industry