ICT Security Manager
- Location: Caerphilly
Link is a debt purchaser and financial services provider working with many of the UK high street banks and credit card providers. We are one of the leading names in our industry and are passionate about and committed to providing a high-quality service. We would like you to be part of our growth.
You will be experienced in managing an Information & Cyber Security function, and delivering reporting, dashboards, and services in a complex organisation. Being an excellent communicator and influencer, you will be confident to use your skills and experience to lead the organisation's approach in this critical area, ensuring that our data remains secure and that we make decisions based on risk. You will be passionate about leading our approach to protecting the organisation's information assets and systems, be a strong leader, and have the emotional maturity and capability to work in and handle a pressurised environment.
You will be an experienced problem solver who can work on your own initiative and with others to identify creative and innovative solutions. You will also be adaptable and flexible in your approach to work and have excellent organisational skills to manage a complex and varied workload, including projects.
We are on a journey to transform our environment through consolidation and the use of cloud technology. Ideally, you will have experience operating in a cloud environment that will enable you to assist with a cloud strategy, including building and developing skills across our Information Security and broader Technology service, whilst setting a positive example to more junior members of staff across ICT as a whole.
This role leads the ICT Cyber & Information Security function of the organisation to ensure consistent and high-quality information security management in support of business goals, developing a roadmap that delivers against the security strategy. The role holder is responsible for owning the definition, implementation, and maintenance of all security matters for the platform, systems and applications, through design and deployment of security solutions. This includes facilitation of information security governance structure, associated tools, policies and processes, and reporting required for both protection and insight into current and upcoming threats.
The role holder will play a pivotal role in ensuring that Information Security is part of the organisation's culture through leadership, awareness campaigns and business partnering, as well as the overall ICT function to define, influence, and own the security control landscape. This will require work across the organisation to provide expert advice on the selection, design, justification, implementation and operation of all information security policies, controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems.
Core responsibilities include:
- Cybersecurity strategy
- Ownership of security and risk management processes and policies
- Compliance management
- Incident detection, management, and response
- Managing cybersecurity hygiene/diligence
- Assessing internal cybersecurity
- 3rd party risk management
- Technology selection/management
- Learning and Development
- People Management
Work Experience and Qualifications
- People management and leadership experience
- 5+ years of Technical Security experience in a multi-networked environment of a user/PC base of >800
- 2+ years of Security Management experience
- Strong technical understanding/background and knowledge of security frameworks and experience delivering these
- Knowledge of common information security management frameworks, such as ISO 27001, ITIL, COBIT, as well as those from NIST
- Project management skills – financial/budget management, scheduling and resource management
- Legal and applicable regulatory standards in relation to IT and Information Security
- IT Security tools (SIEM, IDS, IPS, WAF, DLP, Anti-Phishing, NAC, Anti-Malware, Webproxy)
- TCP/IP stack (TCP/UDP flows, DNS, HTTP/HTTPS)
- SSL (Certs, Certificate Authorities, etc.)
- Some form of professional qualifications, directly related to Information Security or IT Security (CISM, CISSP, CEH, OSCP, ISO27001, CompTIA Security+)
- You will work 40 hours per week, Monday to Friday. Hours of work can be flexed but are typically sometime between 8.00 and 6pm.
- Hybrid working; however, as this is an ICT leadership role where positive influence across the ICT function is required, time in the office is required.
- 33 Days holiday (including Bank Holidays)
- Discretionary Annual Bonus
- The role is based in Caerphilly, where there is free onsite parking; however, some travel to UK (London) and European offices may be required.
- Other benefits include Pension, Cycle to Work, lots of social events, the option to purchase annual leave, and life assurance (x4), to name a few.