Cybersecurity Manager
As the Cybersecurity Manager, it will be your responsibility to establish guidelines and make sure that everyone in the company is aware of their respective roles in terms of IT security. You'll know exactly how to handle the conflict that inevitably arises between security considerations and the need for commercial delivery.
The following tasks will fall under your purview:
- Responsibility for developing, upholding, and executing standards Collaborate with employees and stakeholders to foster a culture where security is viewed as a vital component of everyone's duty and is always top of mind.
- The development of instructional materials and support for the company's overall ongoing upskilling in security-related jobs
- Give daily guidance on security-related issues to the entire company.Collaborating with our SOC to maintain adequate and current issue detection models and alert response procedures
- Coordinating with our MSSP to define the scope and carry out penetration testing and vulnerability scanning
- Creation of security guidelines for infrastructure delivery, operations, and development
- Assist in conducting external and internal IT security audits.
- Collaborating with development teams to ensure security is taken into account at the design stage of architectural modifications
- Conducting tabletop security drills to evaluate our response strategies and competencies
- Meeting capacity providers' and auditors' expectations for due diligence and compliance in security-related areas
- Coordination and scheduling of DR test exercises
Although not necessary, prior insurance experience would be beneficial. You'll be someone who has knowledge of:
- Establishing and carrying out IT security procedures within a financial services company and exhibiting a clear grasp of the related risk management
- Familiarity with cloud security, particularly with Azure's cloud native technologies
- Understanding of safe development procedures and necessary tools
- Familiarity in executing security testing procedures like phishing campaigns and tabletop simulations.
- Familiarity with security audit specifications in financial services firms