Title: Security Assurance Manager
Department: IT
Reporting to: Head of Cyber Security
Reports: Security Analyst(s)
Job Summary/Purpose:
- Ensure security controls and measures are effectively designed, implemented, and working.
- Assess the effectiveness of security controls across projects and services, recommending improvements.
- Lead cyber security control testing activities.
- Risk assess new IT projects and services and regularly evaluate existing ones.
Primary Responsibilities:
Security Assurance:
- Conduct independent, risk-based reviews and assessments of security controls.
- Plan and conduct regular risk and security assessments.
- Ensure new projects and services meet current security standards.
- Track and report on security control metrics.
- Evaluate and improve security practices of third-party vendors.
Cyber Assurance:
- Protect digital information by assessing security controls in new or updated systems.
- Manage risk mitigation measures and accreditation processes.
- Develop and monitor security standards and procedures.
- Ensure compliance with security policies and regulations.
Vulnerability Assessment:
- Identify and classify security vulnerabilities in networks, systems, and applications.
- Prioritise and mitigate vulnerabilities.
Penetration Testing:
- Coordinate third-party penetration testing to identify security vulnerabilities.
- Manage ethical hacking procedures and report findings.
People Management:
- Lead and manage a team of security professionals.
- Provide coaching and development opportunities.
- Allocate resources to address security priorities.
Compliance with IT Governance:
- Operate within established governance frameworks and policies.
- Collaborate with service providers and stakeholders to meet security demands.
Measures of Success:
- Effectively identify and correct security deficiencies.
- Reduce security incidents and breaches.
- Improve security controls after assessments and testing.
- Regularly identify and mitigate vulnerabilities.
Experience, Qualifications, Technical Requirements, Education:
- Experience in cybersecurity management.
- Proven track record in leading security assurance programs.
- Industry-recognised cybersecurity certifications (e.g., CISSP, CISM) preferred.
- Deep technical understanding of security architecture.
- Proficiency in security assessment tools and methodologies.
- Knowledge of security frameworks, standards, and regulations.
- Familiarity with cloud security concepts and solutions.
- Degree in Information Science or related field preferred.
Key Competencies:
- Communicate and collaborate effectively.
- Maintain high professional standards.
- Plan and organise efficiently.
- Lead and mentor teams.
- Ensure safety and integrity in all operations.
Unfortunately, we won't be able to respond to every applicant due to the high number of responses.