It Cyber Security Manager

Cyber Security Manager
Surrey - Hybrid Working
My client is a leading financial services organisation based in Surrey who are recruiting for a Cyber Security Manager
As a Cyber Security Manager, you will Provide Security Input for projects in a Digital Transformation Programme as well as establish and maintain Cyber Security policies and procedures.
Own threat management and response. Manage and mentor the Cyber Security team.
Manage Security tooling risks and processes. Own vulnerability management through the whole lifecycle from internal and external monitoring and identification to remediation and reporting.
Cyber Security Manager Benefits:

• 22 days holiday + 8 Bank Holiday (Holiday's increase to 27, 1 additional day per year worked)
• Healthy contributed pension
• Training and development
• Access to a number of financial based products
• Dress down Fridays

As a Cyber Security Manager, you will perform the following tasks:

• Establish and maintain robust Cyber Security policies, playbooks, and procedures, ensuring compliance with regulatory requirements industry standards and the Cyber Security Strategy.
• Identify, evaluate, and mitigate cyber threats. Lead incident response activities and investigations into security breaches.
• Conduct regular risk assessments, audits, and testing of the security infrastructure to identify vulnerabilities and implement necessary improvements.
• Act as the escalation point on monitoring of corporate environment to identify security issues or incidents (Threat Hunting)
• Manage and mentor the security analyst, (monitoring, Investigation, root cause analysis of Security alerts from multiple information sources. Including, but not limited to Darktrace, LogPoint, WithSecure, Mimecast, while ensuring the team stays relevant to the latest Cyber Security trends and technologies.
• Introduce processes to maintain the integrity and protection of corporate and customer data.
• Responsible for managing the business IT vulnerabilities and provide to the service desk team, paths to remediation, through the whole lifecycle to ensure safety and compliance for the business.
• Investigate and analyse escalated security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users.
• Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture
• Perform malware analysis and digital forensics where appropriate
• Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the corporate environment, (new hire inductions, periodic training, etc)
• Own maintenance, renewal and distribution of SSL Certificates
• Manage and own the process of achieving and maintaining Security related certifications (CE+, PCI, etc)
• Ensure readiness, appropriate versioning and health, of the security systems used on security operations
• Identify and promote continual service improvement of all Cyber Security systems and procedures
• Share knowledge with and cross-train other members of the other IT teams

Cyber Security Manager Documentation & Reporting:

• Assist in development of company-wide best practices for Cyber Security
• Document all security alerts, incidents and actions taken for both internal and regulatory use
• Contribute to maintenance of Cyber Security Operations Manual
• Manage Cyber Security actions in audits, Cyber Security exercises and provide supporting documentation
• Provide Cyber Security related reporting dashboards for use at different levels within the business (Regulatory, Board updates, Vulnerabilities, etc)

Cyber Security Manager Key Skills & Experience

• At least 5 year experience in a similar Cyber/IT Security/InfoSec based role
• Experience in a wide range of Cyber Security areas.
• Experience with security tool sets (SIEM, FIM, EDR, NDR)
• The ability to contextualise, categorise and prioritise security events, incidents, and alerts
• Knowledge of security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc)
• Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends
• Thorough understanding of adversarial tactics, techniques, and procedures
• Knowledge of security related skills within infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment (Defender for Cloud, Cloud apps, Security scores, Purview including Data classification and retention, Identity Management, and conditional Access)
• Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour
• Strong Communication skills and the ability to communicate and present at all levels

Cyber Security Manager Technologies involved:

• SIEM - Logpoint
• Automated Intrusion and response - Darktrace
• AntiVirus / Malware detection
• Email Filtering & Web Security - Mimecast
• FIM - Tripwire
• VMware & VDI Horizon
• Windows Environment
• Microsoft Azure & O365 (Purview, IAM, PIM, Defender for cloud, cloud apps, endpoint)
• AWS
• WAF
• Duo Multifactor Authentication

Cyber Security Manager Additional points if:

• CISSP
• Experience in financial sector or other highly regulated environment
• Experience and understanding of Network Security

Services advertised by Gold Group are those of an Agency and/or an Employment Business.
We will contact you within the next 14 days if you are selected for interview. For a copy of our privacy policy please visit our website.