Group IT Security Operations Manager
Position: Group IT Security Operations Manager
Location: Birmingham, West Midlands
Salary: GBP65,000 to GBP75,000 plus 10% Bonus, Pension, Healthcare
This is a fantastic opportunity for an experienced IT Security Operations Manager with strong knowledge and experience in compliance and frameworks to join an International FTSE 250 company based in Birmingham close to New Street and Moor Street Stations.
This new role reports to the Group Head of IT Security and will play a key role in the operation of IT security in a hands-on role with a key remit of maintaining IT Security processes operating to the required standard at Group level working closely with multiple stakeholders and divisions.
We are looking for an IT Security professional that has significant experience in corporate IT security in large and diverse organisations.
The Group IT Security Operations Manager will bring a wealth of knowledge and will apply it on a daily basis. You will be responsible for the correct operation of key processes and act as the key point of contact for Group IT security matters.
You will be responsible for the following:
- Own and review operational documents concerning IT security, such as procedures and technical guidelines
- Provide input to improve IT security governance, policies and procedures from observations made on a day-to-day basis in collaboration with the Group divisions
- Assess the compliance level of the Group divisions against defined standards
- Support activities concerning IT security assessment of prospective acquisitions of companies to determine any gaps that require mitigation and communicate risks to the appropriate stakeholders
- Maintain the Group asset register for Internet facing systems, software and/or technology deployed
- Respond to IT security incidents, suspicious activity or alerts reported by the Group divisions to
- prevent further adverse impact to users, processes, systems or data in other Group divisions
- Advise Group divisions on compliance requirements for relevant frameworks (such as
- ISO27001, CIS controls, NIST Cyber Security Frameworks and PCI DSS) from the operational
- point of view
- Appraise Group IT security risks and manage the Group IT security risk register
Key Experience Required
- We are looking for a pragmatic, experienced IT Security Manager with at least three years with an enterprise organisation in a similar role.
- You will be proficient in industry standards and methodologies associated with information security, including ISSO27001/2, CIS Controls, PCI-DSS NIST and GDPR
- We would expect you to have a recognised Information Security certification e.g. CISSP, CISM, ISEB Certificate in Information Security Management to support your experience
- You will have the ability to analyse an IT solution from a technical perspective to identify appropriate IT security controls
- You will have the ability to ability to identify potential weaknesses on a given IT solution (e.g. through threat modelling and/or risk assessment)
- You will have the ability to assess IT security incidents, IT security advisories and IT security issues collating technical and functional information to define mitigating actions
- We would also expect you to have general IT technical knowledge including but not limited to networks, operating systems, databases, application servers, web servers, cloud security (e.g. multi-tenancy, public/private implementations, SaaS, PaaS, IaaS), end-point security (e.g. hardening, anti-malware), web application security (e.g. OWASP), network security (e.g. IDS/IPS, SIEM, DDOS mitigation and WAF) and penetration testing. We do not expect this experience to be hands-on but a good general knowledge is required.
Coburg Banks IT specialise in recruiting in a variety of areas including: Development, IT Support, Programme and Project Management, Business Analysts and Testing as well as mid to senior level IT appointments. We would welcome the opportunity of helping you in your career, so please send a copy of your CV to us