Job description

IT Security Manager

Hybrid role, remotely from home and 1-2 days per week in offices in Peterborough OR Tunbridge Wells.

Key Responsibilities:

• Management of the security team in an operational or governance capacity and end-to-end delivery of security practices and processes
• Line management of the security team and collaboration with the people manager community
• SME, advice, oversight and governance of security policies, processes, procedures and standards
• Contribute to the delivery of the security roadmap and a continuous improvement model for security
• Ensure Information Security controls are operating effectively
• Ensure where gaps are identified, that these have remediation plans agreed and delivered
• Ensure annual Security Awareness tests are completed and provide visibility / status updates for these
• Ensure effective Information Security Awareness campaigns are defined and delivered throughout the year
• Help embed security best practices throughout the business and early in projects
• Be an SME for PCI DSS and contribute to and ensure compliance governance to security standards
• Actively share learnings and regular take opportunities to improve systems and processes
• Provide regular team updates to peers, wider technology team and stakeholders
• Contribute to business and technology audits
• Engagement with 3rd party partners as a SME and to ensure due diligence process adherence

Key Competencies:

• CISSP Certified
• Proven experience of Information and Cyber security
• Cloud security experience is highly beneficial
• Proven experience of risk and control management
• Proven experience of standards including ISO27001, PCI, GDPR/DPA & NIST
• Communication of complex ideas clearly in a non-technical way
• Strong stakeholder and 3rd party management experience
• Strong communication and collaboration
• Confident at working with people at all levels
• People and team management experience
• CISM Certified is beneficial