If you are passionate about IT security and compliance and are keen to promote its relevance and advocate its change within an organisation, this role could be a fantastic opportunity for you. Our client is the premier UK provider of Professional Accountancy and Financial Services training. They are focusing heavily in IT security and compliance across a large user and systems estate. This is an opportunity for an experienced IT Security and Compliance Manager to drive forward initiatives split across: - (a) managing and monitoring the implementation of security standards and threats across IT services and functions (b) security frameworks and (c) managing compliance activities and projects.
This role would ideally suit an established IT security and compliance manager who has (a) a technical background, ideally from networking/infrastructure (b) very strong communications and stakeholder skills, ideally gained in a commercial and highly audited business sector and (c) exposure to implementing security and compliance frameworks.
The core responsibilities are:
- Develop IT security and compliance frameworks and standards
- Lead on essential security and compliance reviews, certifications and accreditations (e.g. ISO27001/2, PCI, Cyber Essentials and SOX)
- Develop data security policies and procedures
- Participate in DR and IT Service continuity planning
- Research and implement security and firewall strategies
- Monitor security threats and execute responses through SIEM tools
- Evaluate IT security technologies and lead on their implementation
- Provide security guidance on the design of applications and network architectures
- Prepare and maintain documentation of network configurations and architectures
- Lead on the security aspects of client tenders, external enquiries/audits and be the primary interface with both external auditors and corporate security functions
Essential Experience
- Comprehensive understanding of Information Security Frameworks (e.g. ISO 27001, SOX, PCI DSS and CyberEssentials) and UK and EU data protection laws, Including GDPR
- Track record of leading successful audit compliance outcomes
- Information risk management
- Working knowledge of SIEM systems and data loss prevention tools
- Infrastructure security and hardening
- Deployment and management of vulnerability and patch management software
- A good working knowledge of networking and switching technologies, optimisation tools and next gen firewalls
Desirable Experience
- Cloud security practices
- Cryptographic controls and website security
- Current experience of Windows Server, virtualisation and desktop technologies
- Experience of wireless and mobile security standards
Internet protocols
- A competitive salary circa £60-65K is offered dependent upon experience. The client offers a full and flexible benefits package. The is a permanent full time position based in North/Central London N7
This company is acting as an employment agency regarding this position