Job description
IT Security Manager
Hybrid role, remotely from home and 1-2 days per week in offices in Peterborough OR Tunbridge Wells.
Key Responsibilities:
- Management of the security team in an operational or governance capacity and end-to-end delivery of security practices and processes
- Line management of the security team and collaboration with the people manager community
- SME, advice, oversight and governance of security policies, processes, procedures and standards
- Contribute to the delivery of the security roadmap and a continuous improvement model for security
- Ensure Information Security controls are operating effectively
- Ensure where gaps are identified, that these have remediation plans agreed and delivered
- Ensure annual Security Awareness tests are completed and provide visibility / status updates for these
- Ensure effective Information Security Awareness campaigns are defined and delivered throughout the year
- Help embed security best practices throughout the business and early in projects
- Be an SME for PCI DSS and contribute to and ensure compliance governance to security standards
- Actively share learnings and regular take opportunities to improve systems and processes
- Provide regular team updates to peers, wider technology team and stakeholders
- Contribute to business and technology audits
- Engagement with 3rd party partners as a SME and to ensure due diligence process adherence
Key Competencies:
- CISSP Certified
- Proven experience of Information and Cyber security
- Cloud security experience is highly beneficial
- Proven experience of risk and control management
- Proven experience of standards including ISO27001, PCI, GDPR/DPA & NIST
- Communication of complex ideas clearly in a non-technical way
- Strong stakeholder and 3rd party management experience
- Strong communication and collaboration
- Confident at working with people at all levels
- People and team management experience
- CISM Certified is beneficial
