IT Cyber Security Manager

Description:

IT Cyber Security Manager

Surrey - Hybrid Working

My client is a leading financial services organisation based in Surrey who are recruiting for a IT Cyber Security Manager

As a IT Cyber Security Manager, you will Provide Security Input for projects in a Digital Transformation Programme as well as establish and maintain cyber security policies and procedures.
Own threat management and response. Manage and mentor the cyber security team.
Manage Security tooling risks and processes. Own vulnerability management through the whole lifecycle from internal and external monitoring and identification to remediation and reporting.

IT Cyber Security Manager Benefits:

22 days holiday + 8 Bank Holiday (Holiday's increase to 27, 1 additional day per year worked)
Healthy contributed pension
Training and development
Access to a number of financial based products
Dress down FridaysAs a IT Cyber Security Manager, you will perform the following tasks:

Establish and maintain robust cyber security policies, playbooks, and procedures, ensuring compliance with regulatory requirements industry standards and the Cyber Security Strategy.
Identify, evaluate, and mitigate cyber threats. Lead incident response activities and investigations into security breaches.
Conduct regular risk assessments, audits, and testing of the security infrastructure to identify vulnerabilities and implement necessary improvements.
Act as the escalation point on monitoring of corporate environment to identify security issues or incidents (Threat Hunting)
Manage and mentor the security analyst, (monitoring, Investigation, root cause analysis of Security alerts from multiple information sources. Including, but not limited to Darktrace, LogPoint, WithSecure, Mimecast, while ensuring the team stays relevant to the latest Cyber Security trends and technologies.
Introduce processes to maintain the integrity and protection of corporate and customer data.
Responsible for managing the business IT vulnerabilities and provide to the service desk team, paths to remediation, through the whole lifecycle to ensure safety and compliance for the business.
Investigate and analyse escalated security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users.
Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture
Perform malware analysis and digital forensics where appropriate
Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the corporate environment, (new hire inductions, periodic training, etc)
Own maintenance, renewal and distribution of SSL Certificates
Manage and own the process of achieving and maintaining Security related certifications (CE+, PCI, etc)
Ensure readiness, appropriate versioning and health, of the security systems used on security operations
Identify and promote continual service improvement of all cyber security systems and procedures
Share knowledge with and cross-train other members of the other IT teamsIT Cyber Security Manager Documentation & Reporting:

Assist in development of company-wide best practices for Cyber Security
Document all security alerts, incidents and actions taken for both internal and regulatory use
Contribute to maintenance of Cyber Security Operations Manual
Manage cyber security actions in audits, cyber security exercises and provide supporting documentation
Provide cyber security related reporting dashboards for use at different levels within the business (Regulatory, Board updates, Vulnerabilities, etc)IT Cyber Security Manager Key Skills & Experience:

At least 5 year experience in a similar Cyber/IT Security/InfoSec based role
Experience in a wide range of Cyber Security areas.
Experience with security tool sets (SIEM, FIM, EDR, NDR)
The ability to contextualise, categorise and prioritise security events, incidents, and alerts
Knowledge of security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc)
Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends
Thorough understanding of adversarial tactics, techniques, and procedures
Knowledge of security related skills within infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment (Defender for Cloud, Cloud apps, Security scores, Purview including Data classification and retention, Identity Management, and conditional Access)
Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour
Strong Communication skills and the ability to communicate and present at all levelsIT Cyber Security Manager Technologies involved:

SIEM - Logpoint
Automated Intrusion and response - Darktrace
AntiVirus / Malware detection
Email Filtering & Web Security - Mimecast
FIM - Tripwire
VMware & VDI Horizon
Windows Environment
Microsoft Azure & O365 (Purview, IAM, PIM, Defender for cloud, cloud apps, endpoint)
AWS
WAF
Duo Multifactor AuthenticationIT Cyber Security Manager Additional points if:

CISSP
Experience in financial sector or other highly regulated environment
Experience and understanding of Network SecurityServices advertised by Gold Group are those of an Agency and/or an Employment Business.
We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website