IT Security Manager
Hemel Hempstead, United Kingdom
NECSWS
NEC Software Solutions builds software and services that deliver better outcomes, keeping people safer, healthier and better connected.Company Description
Come join us and make a difference in the world!
We’re NEC Software Solutions (part of global tech giant NEC Corporation). While you read this ad, our software is helping to dispatch ambulances, support families, keep trains on the move, locate missing people and even test the hearing of newborn babies.
Working with us, you’ll be helping our 3,000+ employees push the boundaries of what’s possible and support amazing public services.
We work with governments, hospitals, police forces, housing providers, local authorities and more. We help them pay financial support faster, speed up treatments for patients and respond to emergencies in the right way. The more we do, the more our customers can do for others. And together, we make a world of difference.
We’d love your help. And we’ll support you all the way.
Discover more at www.necsws.com
Job Description
As the Security Manager, you will be part of an InfoSec team that manage the delivery of security & accreditation to the NEC business and our customers. Interacting with the wider InfoSec team as well as other departments across NEC, the Security Manager will support the InfoSec team to deliver its objectives.
Communication and collaboration are paramount to this role, the Security Manager will work with the architecture team, the wider technology teams and the Data Protection Officer to ensure that processes, procedures and policies are created, updated and adhered to as part of keeping us and our customers secure.
The Security Manager will support the InfoSec team to respond to security incidents, ensuring that they are closed and actioned in a swift manner and that lessons are learnt via detailed root cause analysis. An accreditation programme of work is in place within NEC which ensures that our accreditations are maintained, the role will contribute to this by supporting the arrangement of security testing such as IT Health Check testing and penetration testing, ensuring that security procedures are regularly reviewed as well as maintaining security assurance and accreditation documentation.
The role will play a key role in supporting the InfoSec and Compliance teams to retain ISO 27001 and comply with the Information Security Management Standard. Attend audits both internal and external and ensure that the processes followed by the InfoSec team are well maintained, documented and reviewed for effectiveness on a regular basis.
You will support knowledge management initiatives working with team members to develop content for use within the team and to be published to the wider business. The role will support the Security Director to ensure that our security policies are regularly updated to ensure we are constantly improving our security landscape. The role will also have the opportunity to support the continuous improvement of our annual security and data compliance training; which is a number of in house developed CBT modules to support our colleagues to understand the security requirements of their role in keeping us secure.
The successful candidate will report to the InfoSec Team Manager and join a diverse team comprising security Analysts, Security engineers, Security Managers and work closely with our Security Architects and Data Protection Officer.
The role is primarily home based with an expectation that travel to NEC offices and customer locations will be required on an ad-hoc basis.
Responsibilities will include:
Work within the InfoSec team to support the key activities;
- Assist security incident management and root cause analysis.
- Assist with the supplier management process to review questionnaire responses from all NEC suppliers in relation to security.
- Schedule security testing and create remediation plans from the test reports- seeing remediation through to completion.
- Contribute to process documentation and policy review.
- Support the bid team with responses to security questions received in bids .
- Conduct security assessments and audits on people, process and technology within NEC.
Qualifications
Essential experience
- Proven experience working in an IT security role
- Exposure to security testing process and reports such as penetration testing
- Experience and working knowledge of ISO 27001 Information Security Management standard
- A good understanding of an approach to risk management – knowing that context is key
- A strong focus on business outcomes
Desirable experience
- Delivering pragmatic security management plans aligned to varying degrees of risk appetite
- Working at an analytical level with a SIEM
- Experience working within a shared environment with multiple tenants and requirements.
- Experience in working on solutions or projects that require formal independent accreditations.
- Working knowledge of Cyber Essentials Plus
Essential attributes
- Strong and demonstrated team working experience
- High degree of personal motivation and ability to self-manage
- Ability to communicate security and technical solutions to non-technical or security resources internally and external to NEC
- Comfortable with collaboration, open communication and reaching across a range of functions and teams.
- Excellent verbal and written communication skills.
- Security clearance held or ability to gain Security Clearance in addition to Baseline Personnel Security Standard
Additional Information
We are proud of the benefits we offer employees of NEC Software Solutions
- Private Medical Cover funded by NEC for Employees (with the option to add family members at an additional cost)
- 25 days paid holiday with the option to buy/ sell
- 4 x basic salary life assurance cover funded by NEC (with the option to increase cover at an additional cost)
- A Group Pension Plan with fantastic employer contributions up to a maximum of 8.5%
- A fantastic selection of flexible benefits to suit your individual needs
- We are an employer who cares, we have a invaluable employee assistance programme which can help in every area of your life
- All colleagues get free access to LinkedIn Learning. Over 15000 courses covering a huge breadth of subjects. Learn about what you like, when you like, how you like.
Other Information
Candidates must be able to demonstrate a pre-existing right to work and travel within the EU. Documentary evidence will be required.
All offers are subject to satisfactory security vetting and reference checks. As standard, all roles undertake a Disclosure Barring Service (DBS) check. As a provider of services to the UK Government, where necessary NEC adheres to HMG’s personnel security and vetting policy requiring that minimum personnel security controls are checked as specified in the Baseline Personnel Security Standard (BPSS). Some roles may require national security vetting clearance at the Security Check (SC) level and Non-Police Personnel Vetting (NPPV) Level 3.
Where applicable local (non-UK) security checks and vetting schemes will be used to provide sufficient personnel security controls.
NEC Software Solutions is an equal opportunities employer, welcoming applications from all communities.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Clearance Compliance ISO 27001 Pentesting Risk management Security assessment Security Clearance SIEM
Perks/benefits: Career development Flex hours Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs