About the Role
An exciting new opportunity with a worldwide leading IT services provider. A brand new position will be within the companies internal IT department to help create and then lead a new Operational Security function.
This successful Information Security Manager will work collaboratively with many different areas across and the company closely with the internal security department, to ensure vulnerabilities are well managed and efficiently remediated in any technology. Patching and version management of all technologies will also be led by this role.
Responsibilities -
Create and lead a new "Operational Security" team, focusing on vulnerability reduction and creating a strong security position.
Ensure the Operational Security team deliver value to the department and drive high KPI achievement.
Lead a small team of European based operational-focused security professionals; giving direction, support and development opportunities.
Drive security initiatives across other operational teams.
Lead an offshore team of specialists focused on patching and the associated reporting and automation.
Collaborate with the internal security department to understand and agree vulnerability priorities and remediation approaches. Work closely with resolver teams to ensure full remediation is achieved.
Manage internal exception processes and risk position.
Work with senior leaders to ensure vulnerability management is highly prioritised and to create a culture of strong security throughout the department.
Requirements
Security certification - such as CISM(P), SEC+, GIAC Security Essentials (GSEC).
Proven experience in the field of IT security.
Proven understanding of industry standard security frameworks - such as NIST Cybersecurity Framework, CIS security standards .
Demonstrable understanding of industry security certifications - such as NCSC Cyber Essentials.
Good understanding of security hardening approaches - such as CIS benchmarks.
Good understanding of vulnerability scanning tools.
Good understanding of penetration testing approaches.
Demonstrable knowledge of patching tools such as SCCM.
Excellent written and verbal communication skills
Comfortable working autonomously to deliver value.
Proven experience leading teams.