I wanted to say how appreciative I am for all the help and
encouragement I have had from Emma over the past couple of weeks.
She has worked so hard and kept me informed every step of the way, the
culmination of which was my ideal job offer. She’s a wonderful asset.
Senior Security Transformation Manager
Role: Senior Security Transformation Manager
Location: Acton, London
InfoSec People, the cyber security recruitment experts, are seeking a Senior Security Transformation Manager for a major technology & communications retailer to be based near Acton, London.
The Senior Security Transformation Manager is responsible for the successful delivery of the multi-year InfoSec transformation programme. They will report directly into the head of security transformation and provide leadership to the programme teams, ensuring there is alignment with business and IT strategy and overarching organisational objectives. This role will be responsible for the end-to-end delivery of all security remediation initiatives and is essential in ensuring that the security function is responding appropriately to potential security risks and that the overall security transformation process is successfully delivering to business needs in a timely manner.
Main Areas of Responsibility
*Deputise for Head of Security Transformation in key forums such as programme boards, CoE, etc.
*Responsible for the successful delivery of the multi-year InfoSec transformation programme
*Ensure that there is effective reporting to senior management
*Responsible for the end to end security triage process
*Ownership and management of the security backlog within the InfoSec Jira instance and the allocation of tasks
*Oversee programme teams
*Conduct risk assessments against incoming requirements
*Determine security requirements of the transformation programme
*Ensure that critical or high-risk items are prioritised effectively as part of BAU, transformation or sprint related activities.
*Manage the InfoSec triage meetings
*Liaise and communicate with teams across the business (IT, Data etc)
*Ensure that appropriate escalation processes are in place for risks and issues
*Work with the Head of Digital Awareness to ensure any security changes are effectively communicated
*Identify and communicate current and emerging security threats.
Knowledge, Skills, Ability
*Solid understanding of security protocols
*Wide ranging knowledge of information security and IT security frameworks, standards and application of best practice, such as ISF SoGP and ISO27001.
*Proven experience in the development and design of security best practices and implementation of solid security principles
*A broad understanding of IT principles including: ITIL, hardware and software architecture, SDLC, operating systems and administration, networking technologies, virtualisation, shared storage, cloud, access management and mobile technologies.
*Extensive experience in information security and/or IT risk management
*Demonstrable experience of reporting programme benefits
*Experience participating in medium to large, cross-functional teams with onshore and offshore resources
*Exceptional communication skills with diverse audiences
*The ability to be the enterprise security subject matter expert who can explain technical topics
*Strong leadership, project and team-building skills.
*Knowledge in the use of Jira as a tool to support Sprint and Programme delivery is preferred.
*Educated to Degree level or higher, preferably in a computing, engineering, or information security related discipline.
*Project & Programme Management (e.g. PRINCE2) qualifications beneficial.
*CISSP, CISM & CISA auditing qualifications are preferred.
This is a full time, permanent role. For more information and to apply for the role, please send your CV to Nick Haaker (), Lead InfoSec & GRC Consultant at InfoSec People.
Salary: £70000.00 - £75000 per annum
Job Type: Permanent
Start Date: ASAP
Date Advertised: 2019-09-10 12:12:47
Apply for this job
Please apply for this job below.