Group IT Security Services Manager

GBP65,000 - GBP75,000 per annum + 10% bonus plus benefits
14 Oct 2019
11 Nov 2019
Position: Group IT Security Services Manager

Location: Birmingham, West Midlands

Salary: GBP65,000 to GBP75,000 plus 10% Bonus, Pension, Healthcare

This is a fantastic opportunity for an experienced IT Security Services Delivery Manager with strong knowledge and experience in delivering IT Security services utilizing 3rd party suppliers to join an International FTSE 250 company based in Birmingham close to New Street and Moor Street Stations.

This new role reports to the Group Head of IT Security and will play a key role in the ownership and coordination of IT security related supplier management activities as part of the centralisation of group IT security services.

This will include leveraging IT security services to support activities concerning IT security assessment of prospective acquisitions of companies to determine any gaps that require mitigation and communicate risks to the appropriate stakeholders.

We are looking for an IT Security professional who has significant experience in corporate IT security in large and diverse organisations, with knowledge of managing suppliers providing IT Security related services.

The Role

The Group IT Security Services Manager will bring a wealth of IT Security knowledge to apply on a daily basis. You will be responsible for the correct operation of key services and act as the key point of contact for Group IT security matters.

You will be responsible for the following:

Own and review operational documents concerning IT security, such as procedures and technical guidelines
Provide input to improve IT security governance, policies and procedures from observations made on a day-to-day basis in collaboration with the Group divisions
Respond to IT security incidents, suspicious activity or alerts reported by the Group divisions to support investigation, detection, containment or verification activities with the assistance of suppliers
Own and coordinate supplier management activities, including but not limited to, contract reviews and service reviews as applicable
Act as a liaison between suppliers and the Group divisions to facilitate execution of the IT security services
Support IT security initiatives and efforts across the Group concerning the IT security services
Advise Group divisions on execution of the IT security services
Own and produce operational Group IT security KPIs on a periodic basis with support of the IT security services suppliers
Act as a Group point of contact for ad-hoc enquiries, troubleshooting issues and general support concerning the IT security services
Liaise with the Group IT security representatives to exchange knowledge and promote Group wide strategic and tactical initiatives
Own and coordinate IT security service meetings held on a periodic basis with Group representatives
Appraise IT security risks associated with the IT security services and provide input to the Group IT security risk register

Key Experience Required

We are looking for a pragmatic, experienced IT Security Services Manager with at least three years' experience in corporate IT Security Services within large, diverse organisations.
You will have an understanding of industry standards and methodologies associated with information security, including ISO27001/2, CIS Controls, PCI-DSS, NIST and GDPR
We would expect you to have a recognised Information Security certification e.g. CISSP, CISM, ISEB Certificate in Information Security Management to support your experience
Extensive knowledge of penetration testing, vulnerability scanning, phishing testing, security training and awareness, with emphasis on outsourcing and supplier management.
Ability to plan, direct and control the functions and operations of managed IT security services
Ability to define service descriptions, contract clauses, KPIs, service level agreements and other aspects of supplier management
Ability to challenge suppliers and ensure compliance of contractual agreements for IT security services
We would also expect you to have general IT technical knowledge including but not limited to networks, operating systems, databases, application servers, web servers, cloud security (e.g. multi-tenancy, public/private implementations, SaaS, PaaS, IaaS), end-point security (e.g. hardening, anti-malware), web application security (e.g. OWASP), network security (e.g. IDS/IPS, SIEM, DDoS mitigation and WAF) and penetration testing. We do not expect this experience to be hands-on, but a good general knowledge is required.

Coburg Banks IT specialise in recruiting in a variety of areas including: Development, IT Support, Programme and Project Management, Business Analysts and Testing as well as mid to senior level IT appointments. We would welcome the opportunity of helping you in your career, so please send a copy of your CV to us.