IT Security Manager

Company Description

Come join us and make a difference in the world!

We’re NEC Software Solutions (part of global tech giant NEC Corporation). While you read this ad, our software is helping to dispatch ambulances, support families, keep trains on the move, locate missing people and even test the hearing of newborn babies.

Working with us, you’ll be helping our 3,000+ employees push the boundaries of what’s possible and support amazing public services.

We work with governments, hospitals, police forces, housing providers, local authorities and more. We help them pay financial support faster, speed up treatments for patients and respond to emergencies in the right way. The more we do, the more our customers can do for others. And together, we make a world of difference.

We’d love your help. And we’ll support you all the way.

Discover more at www.necsws.com

Job Description

As the Security Manager, you will be part of an InfoSec team that manage the delivery of security & accreditation to the NEC business and our customers. Interacting with the wider InfoSec team as well as other departments across NEC, the Security Manager will support the InfoSec team to deliver its objectives.  

Communication and collaboration are paramount to this role, the Security Manager will work with the architecture team, the wider technology teams and the Data Protection Officer to ensure that processes, procedures and policies are created, updated and adhered to as part of keeping us and our customers secure.  

The Security Manager will support the InfoSec team to respond to security incidents, ensuring that they are closed and actioned in a swift manner and that lessons are learnt via detailed root cause analysis. An accreditation programme of work is in place within NEC which ensures that our accreditations are maintained, the role will contribute to this by supporting the arrangement of security testing such as IT Health Check testing and penetration testing, ensuring that security procedures are regularly reviewed as well as maintaining security assurance and accreditation documentation.  

The role will play a key role in supporting the InfoSec and Compliance teams to retain ISO 27001 and comply with the Information Security Management Standard. Attend audits both internal and external and ensure that the processes followed by the InfoSec team are well maintained, documented and reviewed for effectiveness on a regular basis.  

You will support knowledge management initiatives working with team members to develop content for use within the team and to be published to the wider business. The role will support the Security Director to ensure that our security policies are regularly updated to ensure we are constantly improving our security landscape. The role will also have the opportunity to support the continuous improvement of our annual security and data compliance training; which is a number of in house developed CBT modules to support our colleagues to understand the security requirements of their role in keeping us secure.  

The successful candidate will report to the InfoSec Team Manager and join a diverse team comprising security Analysts, Security engineers, Security Managers and work closely with our Security Architects and Data Protection Officer. 

The role is primarily home based with an expectation that travel to NEC offices and customer locations will be required on an ad-hoc basis. 

Responsibilities will include: 

Work within the InfoSec team to support the key activities; 

• Assist security incident management and root cause analysis. 
• Assist with the supplier management process to review questionnaire responses from all NEC suppliers in relation to security. 
• Schedule security testing and create remediation plans from the test reports- seeing remediation through to completion. 
• Contribute to process documentation and policy review. 
• Support the bid team with responses to security questions received in bids . 
• Conduct security assessments and audits on people, process and technology within NEC. 

Qualifications

Essential experience

• Proven experience working in an IT security role 
• Exposure to security testing process and reports such as penetration testing 
• Experience and working knowledge of ISO 27001 Information Security Management standard 
• A good understanding of an approach to risk management – knowing that context is key  
• A strong focus on business outcomes 

Desirable experience

• Delivering pragmatic security management plans aligned to varying degrees of risk appetite 
• Working at an analytical level with a SIEM 
• Experience working within a shared environment with multiple tenants and requirements.  
• Experience in working on solutions or projects that require formal independent accreditations.  
• Working knowledge of Cyber Essentials Plus

Essential attributes

• Strong and demonstrated team working experience
• High degree of personal motivation and ability to self-manage
• Ability to communicate security and technical solutions to non-technical or security resources internally and external to NEC
• Comfortable with collaboration, open communication and reaching across a range of functions and teams.
• Excellent verbal and written communication skills.
• Security clearance held or ability to gain Security Clearance in addition to Baseline Personnel Security Standard

Additional Information

We are proud of the benefits we offer employees of NEC Software Solutions 

• Private Medical Cover funded by NEC for Employees (with the option to add family members at an additional cost)
• 25 days paid holiday with the option to buy/ sell 
• 4 x basic salary life assurance cover funded by NEC (with the option to increase cover at an additional cost)
• A Group Pension Plan with fantastic employer contributions up to a maximum of 8.5%
• A fantastic selection of flexible benefits to suit your individual needs
• We are an employer who cares, we have a invaluable employee assistance programme which can help in every area of your life
• All colleagues get free access to LinkedIn Learning. Over 15000 courses covering a huge breadth of subjects. Learn about what you like, when you like, how you like.

Other Information 

Candidates must be able to demonstrate a pre-existing right to work and travel within the EU. Documentary evidence will be required.

All offers are subject to satisfactory security vetting and reference checks. As standard, all roles undertake a Disclosure Barring Service (DBS) check. As a provider of services to the UK Government, where necessary NEC adheres to HMG’s personnel security and vetting policy requiring that minimum personnel security controls are checked as specified in the Baseline Personnel Security Standard (BPSS). Some roles may require national security vetting clearance at the Security Check (SC) level and Non-Police Personnel Vetting (NPPV) Level 3.

Where applicable local (non-UK) security checks and vetting schemes will be used to provide sufficient personnel security controls.

NEC Software Solutions is an equal opportunities employer, welcoming applications from all communities.