Cyber Security Manager, Vendor management, strategy, Hands on

Apollo Solutions
12 Sep 2017
10 Oct 2017

A leading e-commerce company is seeking a Cyber Security Manager who is able to lead from the front, implement a strategy and work closely with 3rd parties/vendors on a regular basis

The position will be to manage and lead the teams and vendors that provide Threat & Vulnerability Management, Security Controls & Innovation, Security Operation Centre and Internal Security Operations
A hands-on and technical security manager who has direct experience of developing security functions and maturity in a fast-paced growing organization, mitigating critical security risks, and implementing security technologies

An individual who can operate effectively within a matrix organization in which some of his/her areas of responsibility or accountability would need to be delivered via influence and relationships rather than all under their control (e.g. the network perimeter security managed by the infrastructure team)

Apply the information security strategy and ensure that there is quantifiable progress in applying the strategy

Review and contribute to information security standards and policies

Monitor and enforce information security standards and technologies for all systems and infrastructure

Responsible for managing the Threat & Vulnerability management team; this includes intelligence, scanning, PCI specific scanning, remediation & patch management, discovery, code analysis and penetration testing

Responsible for the Security controls & innovation engineer; ensuring that approved proof of concepts are complete to the point of transitioning a system to the live environment

Responsible for the Security Operations Centre; ensuring that all relevant systems are actively monitored and relevant alerts are being raised and investigated in a timely manner. This may require the use of a specialist third party

Responsible for the internal Security Operations Team; who liaise with both third-party service suppliers and internal teams to ensure all security controls are being monitored and updated

Responsible for establishing and governing the Security Incident response processes, investigations and security operational processes

Collaborate with the Technology operations team to ensure information security risks in both ongoing and planned operations are properly considered and all compliance matters are being adhered to as required

Collaborate with the Platform Leads, Technology infrastructure teams and DevOps teams to ensure the appropriate network and infrastructure security measures, technologies and processes are in place

Collaborate across the enterprise with other functional areas to achieve data protection objectives. These areas will include but not be limited to People team, Supply Chain and Customer Care, Retail, Legal and Finance

Lead and / or advise business units as necessary to investigate security incidents; to pursue associated potential disciplinary and legal actions in collaboration with the People team and Legal as appropriate
Develop and grow the talent and people capability within the security team, optimising the mix of internal vs external individuals and 3rd parties
Conduct regular and ongoing monitoring of and reporting on enterprise-wide compliance with information security standards and policies

Achievement of agreed security standards as agreed by the CISO

Technical Skills
Proven leadership qualities (Direct/Matrix)
Proven ability to drive a team to achieve its goals within a fast-paced and highly agile environment
People development across the function
Bachelor's degree in Information Security, Computer Science, Information Management Systems, Business/Accounting or related field/related experience
Previous experience as a security manager
Direct experience working with a Managed Security Services Provider
Security Incident response experience
Strong experience managing technology teams
Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security, SIEM and risk analysis
Familiarity with Information Security industry standards/best practices and relevant regulations (e.g. PCI DSS, SOX, NIST, ISO, CobiT)
Analytical and detail-oriented
Strong understanding of security technologies and best practices
Senior stakeholder management
Management of specialist security suppliers and software vendors / 3rd parties
Strong communication and presentation skills