Cyber Security Manager

My client is a market leading Financial Services organisation who are experiencing a period of substantial growth which has created exciting opportunities for talented individuals to join their Head Office team.
Job Summary

Accountable for the architecture, design and provision of cyber security services for the protection of the business's digital and data assets, including the architecture, design and operations for these services. Responsible for continuously improving our Capability Maturity in the area of cyber security

Key Responsibilities

• Supports the Group Services COO in the development, documentation and socialising of the Cyber Security Strategy, and update on progress against this

• Develop and maintain security and cloud architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations

• Develop a programme of continuous improvement in the capability maturity of the cyber security function

• Participate in application and infrastructure projects to provide security planning and design advice

• Conduct threat modeling of services and applications that tie to the risk and data associated with the service or application

• Validate IT infrastructure and other reference architectures for security best practices, and recommend changes to enhance security and reduce risk where applicable.

• Represent cyber security in Change Advisory Board and Technical Design Authority meetings.

• Ensure the effective ongoing management of vulnerabilities within the technical estate

• Review, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure

• Management and assessment of external threat trends and environment remediation.

• Developing, documenting and maintaining security procedures

• Management of the Cyber Security Team

• Ensure appropriate contextual risk management is performed in line with business risk appetite

• Ensure ongoing compliance with system update and hardening requirements

• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements

• Creation, analysis and communication of security metrics to Group Services COO

• Lead security incident responses for the team

Skills and Qualification Specification
Essential

• Experience of leading an IT security function within a regulated industry
• Bachelor's Degree in Information Technology or equivalent experience
• Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously
• Experience of cyber security strategy and roadmap development
• Excellent written and verbal communication skills with the ability to form effective working releationships with other staff and stakeholders
• Confident in communicating technical cyber security risks, incidents and threats to non-technical staff and stakeholders
• Determination and tenacity to drive service and security improvements across the business and the ability to assess effectiveness of control measures and making improvement suggestions
• Proven hands-on operational experience within cyber security with a broad knowledge of the subject
• Ability to work well under minimal supervision

Desirable

• TOGAF
• Strong knowledge and experience with security frameworks such as NIST CSF and ISO 27001.
• CISM or CISSP certified