Job Overview
Apply now Job Duties Security Leadership - Be the trusted source of information and cyber security architecture, engineering and operations expertise and pro-actively provide leadership and guidance to IT and business functions Security Planning - provide oversight of operational planning for technical aspects of Information, IT and Cyber Security Security Architecture - Oversee the design and deployment of security technologies across the business ensuring an adequate BAU operating model is created. Security Analysis - conduct and validate analysis of technical security solutions to help define requirements and subsequent protection. Threat Intelligence & Trends - Leverage sources of knowledge regarding security threats and vulnerabilities and ensure a flow of relevant threat and trend information to all relevant security specialists. Incident Management - Act as the principal escalation point for security events and incidents across the business unit. Audit Support - Coordinate responses and remediation to Internal and External Audits from an Information Security standpoint and ensure that group mandatory controls are adhered to. Relationship Management - Establish and maintain effective relationships and governance arrangements with senior IT stakeholders. Team Management - Manage GI Information Security Team including:- Information Security Officer, Information Security Administrators, Data protection Officer and Supplier / Contract Managers. Skills Required Appropriate security qualifications and memberships (e.g. ISO27001, CISSP, CISM, etc.) are desirable. In order to demonstrate the analytical and communications skills required to perform the role it is anticipated that the role holder will be educated to degree level or have acquired relevant work experience Knowledge is required of: Information and IT Security broadly, including in-depth knowledge and practice of security architecture development, security threat technical analysis, security solutions evaluation and selection, security solutions engineering and front-line security operations.International recognised and formal standards for IT control and Security Management Systems, including ISO2700x, COBIT, COSO, ITIL and NIST Cyber Security Framework.Detailed knowledge of principal technical IT and security standards, including encryption standards, IETF RFCs for security functions, etc. is essential.In depth understanding of trends in security threats, analysis of major publicised incidents and IT trends as they relate to security threats is essential.Detailed understanding of the implementation and operation of key security technologies, including anti-malware (simple and advanced), network perimeter and firewall, monitoring, encryption, intrusion detection, behavioural analysis, information protection, authentication, identity management and security testing.Structured approaches to incident and crisis management - experience of contributing to major security incident management is desirable. Experience is required of: Coordination of IT and Information Security stakeholders in a complex organisation.Working in or with security infrastructure and/or security operational functions.Building successful working relationships and team dynamics in a matrix environment.Practical, common sense delivery of successful, collaborative security solutions.Defining and implementing security strategies in a federated environment.Solving complex security problems.Working with large scale IT outsourcing, including use of Cloud services. The job holder must have: The gravitas to work successfully across different businesses, seniorities and business cultures.Superior analytical, evaluative and problem-solving abilities.Exceptional service orientation and customer focus.The ability to work in a challenging work environment.Strong negotiation skills.Confidence in decision-making and delivery.Ability to listen to others and talk honestly and persuasively.Adaptability.Excellent written and oral communication skills.The ability to present ideas and technical security concepts in business- and user-friendly language.
Key Requirements
NIST COBIT CISSP Identity Management Information Security