Cyber Security Manager

📋 Description

• • Join Necsws Business Consultant as a Cyber Security Manager and become an integral part of our dedicated InfoSec team, responsible for the comprehensive management of security and accreditation delivery to both NEC business operations and our valued customers.
• • This pivotal role offers flexibility, with the option for Hybrid or Remote working arrangements, subject to your location, ensuring a work-life balance that suits your needs.
• • As a Security Manager, you will engage actively with the broader InfoSec team and collaborate across various departments within NEC, providing crucial support to help the InfoSec team achieve its strategic objectives and maintain a robust security posture.
• • Communication and collaboration are the cornerstones of this position. You will work hand-in-hand with the architecture team, diverse technology teams, and the Data Protection Officer to meticulously develop, update, and enforce processes, procedures, and policies. This collaborative effort is essential for safeguarding NEC and our customers.
• • A key responsibility will be the production of essential security assurance documentation, working alongside Security Architects. This documentation is critical for the accreditation of our customers, demonstrating our commitment to stringent security standards.
• • You will play a vital role in NEC's ongoing accreditation program, which is designed to ensure our accreditations are consistently maintained and enhanced.
• • This involves actively supporting the arrangement of security testing, a proactive measure to identify potential weaknesses.
• • Following testing, you will be instrumental in producing detailed remediation plans, outlining the steps needed to address identified vulnerabilities.
• • You will drive the execution of these remediation plans, collaborating with wider business support teams to ensure identified vulnerabilities are effectively addressed, thereby continuously improving the security posture of our environments.
• • Furthermore, you will contribute significantly to the procurement process by providing well-articulated written responses to customer tenders and security questionnaires.
• • These contributions will detail the sophisticated technical and procedural controls NEC has implemented to protect our network infrastructure and sensitive customer data, clearly articulating how we meet and exceed required industry standards.
• • In the event of a security incident, you will provide critical support to the wider InfoSec team, ensuring swift and effective responses.
• • This includes ensuring incidents are closed and actioned promptly, and that valuable lessons are learned through thorough root cause analysis, fostering a culture of continuous improvement.
• • You will be expected to proactively issue clear and concise security advice and guidance to the rest of the business, ensuring alignment with our established policies and procedures.
• • Support key initiatives by working collaboratively with team members to develop engaging content.
• • This content will be utilized internally within the InfoSec team and published to the wider business, promoting security awareness and best practices across the organization.
• • You will report directly to the Cyber Assurance Manager, joining a dynamic and diverse InfoSec team.
• • This team comprises skilled Security Analysts, Security Engineers, and fellow Security Managers, and you will work closely with our expert Security Architects and the Data Protection Officer.
• • While the role is primarily home-based, there is an expectation of ad-hoc travel to NEC offices, facilitating essential face-to-face collaboration and strategic discussions.
• • Your responsibilities will encompass working within the InfoSec team to support key activities, providing consistent and qualified responses to tenders and assurance questionnaires from customers, and producing and maintaining security assurance documentation required for accreditation.
• • You will ensure compliance with relevant security standards, service management procedures, regulations, and industry best practices, acting as a guardian of our security framework.
• • A crucial part of your role will be to schedule security testing and create remediation plans from the test reports, diligently overseeing the remediation process through to completion.
• • You will contribute significantly to process documentation and policy review, ensuring our security frameworks remain current and effective.
• • Conduct comprehensive security assessments and audits, evaluating people, processes, and technology within NEC to identify areas for enhancement.
• • Assist in the critical functions of security incident management and vulnerability management, contributing to a proactive and responsive security operation.
• • Please note that pre-employment checks are required, including Baseline Standard and Disclosure Scotland (BPSS). Upon employment, the candidate must be able to achieve and maintain NPPV L3 SC clearance, a testament to the trust and responsibility associated with this role.