Description
- IT Security Manager
- £600 - £700 per day via Umbrella (inside scope)
- 3 Month contract
- Remote working until offices re-open in Cambridge
You will be the centre of knowledge and manage this process from end to end working with various teams and domains within the business to convey the message to others, make it possible to get a successful audit and issue the relevant certification.
You will need to come from an Operational Security role, have the relevant personal certification (CISSP) as well as proven experience in managing and defining security processes and procedures, managing a governance framework and have previously worked with auditors through the certification process.
What the accountability include?
- Manage a risk, security and resilience governance framework (for Minimums Site Security Requirements (MSSR) to support products & services
- Support and maintain architectures and technologies as part of the project transition and move to operational implementation.
- Assess the ongoing situational awareness and anticipate various possible security attacks and threats (deliberate and/or accidental) on all elements of the systems and physical environment (data centre, IT infrastructure, secure elements, etc.) at all levels and continually assess and evaluate the area's security controls to identify any vulnerabilities that potentially be exploited.
- Develop, implement and maintain security policies, protocols and procedures required to maintain our products and services to the highest security and resilience standards which are key to the development of our business.
- Develop and devise horizon scanning and thought leadership for the Secure Identity Business Unit, and link with the companies research into the area of risk, security and resilience.
- Interact with various teams across the organisation (product engineering, product management, product delivery, operations, Enterprise Security, IT and more) to ensure that products and services are designed, developed, delivered and operated with the relevant to the internal risk, security and resilience assurance framework.
- Protect our partners sensitive assets and ensure that they cannot be compromised at any stage.
- Assist in expanding and maintaining a security and resilience culture through ongoing people risk management via a variety of delivery mechanisms, and links with enterprise wide cyber-security education & awareness framework and the organisational experience framework.
- Support the development and implementation of different simulated attack scenarios aligned with the Resilience/Business Continuity Plan.
- Working internally and externally to the business area, maintain and monitor a future scanning capability to identify trends and indicate potential future risks.
- Establish, monitor and manage automated monitoring processes and procedures for all our systems and overall ecosystem via an IDS/IPS capability for all our systems and overall ecosystem
- Participate and escalate to the Security Forums by identifying critical security issues and recommending risk-reduction mitigations.
- Bachelor's degree in computer science, or a related field, or master of business administration in information systems.
- Certified Information Systems Security Professional (CISSP) qualification (optional).
- Strong background in information technology with a clear understanding of the challenges of information security and associated issues.
- Experience in information management and architecture (optional).
- Experience in reporting and security incident response planning (optional)
- Excellent analytical and problem-solving abilities to identify and solve security risks as required.
- Good team working capability in collaboration with a range of other information technology professionals.
- Excellent communications skills.
- Previous experience as Security Manager or in a similar role is preferred.