Information Security Manager
| Dyddiad hysbysebu: | 28 Ebrill 2025 |
|---|---|
| Oriau: | Llawn Amser |
| Dyddiad cau: | 28 Mai 2025 |
| Lleoliad: | Leicester, Leicestershire |
| Gweithio o bell: | Yn gyfan gwbl o bell |
| Cwmni: | Virgule International Limited |
| Math o swydd: | Cytundeb |
| Cyfeirnod swydd: | Vrg_2425_062 |
Crynodeb
Reference: Vrg_2425_062
Job title: Information Security Manager
We are looking for a skilled Information Security Manager for a future role to join our cybersecurity team. This role involves leading a team to ensure the confidentiality, integrity, and availability of critical information systems, while effectively mitigating risk through the use of advanced security tools, frameworks, and processes. The ideal candidate will have expertise in security operations, risk management, identity and access management (IAM), and the implementation of frameworks such as NIST and ISO 27001.
Key Responsibilities:
Lead the development, implementation, and management of information security policies and programs, ensuring alignment with industry standards such as NIST, ISO 27001, and CIS Controls.
Oversee risk management efforts, utilizing tools like RSA Archer, RiskLens, and OneTrust to assess and mitigate security risks, ensuring the effective application of the FAIR model.
Manage and optimize Security Information and Event Management (SIEM) solutions like Splunk, IBM QRadar, ArcSight, and LogRhythm to monitor, detect, and respond to security events and incidents.
Oversee the IAM program to ensure proper user access controls and authentication practices across systems and platforms.
Lead incident response efforts, using tools like TheHive, EnCase, FTK, and Autopsy for investigating and managing security incidents, and coordinating with forensic teams as needed.
Leverage threat intelligence tools like Recorded Future, Anomali ThreatStream, ThreatConnect, and MISP to identify emerging threats and improve prevention mechanisms.
Ensure the deployment and management of endpoint security tools such as CrowdStrike, Carbon Black, SentinelOne, and Microsoft Defender for Endpoint, as well as network defense tools like Palo Alto Networks, Cisco ASA, Fortinet FortiGate, and Snort.
Oversee the implementation of secure backup and recovery solutions, utilizing tools such as Zerto, Veeam Backup & Replication, Acronis Cyber Backup, and Druva.
Ensure compliance with relevant security frameworks and regulatory requirements through the use of audit tools and assessments aligned with ISO 27001, NIST Cybersecurity Framework, and others.
Required Skills & Qualifications:
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certifications are preferred.
Knowledge of ISO 27001, NIST Cybersecurity Framework, and CIS Controls.
Proficiency in SIEM tools such as Splunk, IBM QRadar, ArcSight, LogRhythm.
Hands-on experience with identity and access management (IAM) solutions and tools.
Expertise in risk management and risk assessment platforms like RSA Archer, RiskLens, and OneTrust.
Familiarity with data loss prevention (DLP) technologies and incident response tools like TheHive, EnCase, FTK, and Autopsy.
Experience with endpoint protection tools (CrowdStrike, Carbon Black, SentinelOne, Microsoft Defender for Endpoint).
Knowledge of threat intelligence platforms (Recorded Future, Anomali ThreatStream, ThreatConnect, MISP).
Advanced knowledge of firewalls and network security tools (Palo Alto Networks, Cisco ASA, Fortinet FortiGate, Snort, Suricata, Zeek).
Experience with backup and disaster recovery tools such as Zerto, Veeam, and Acronis.
Strong leadership and team management abilities.
Exceptional understanding of information security best practices, risk management, and governance frameworks.
Excellent communication and interpersonal skills to collaborate across departments and with external stakeholders.
Ability to develop and execute a comprehensive security program, balancing strategic planning with day-to-day operations.
Job title: Information Security Manager
We are looking for a skilled Information Security Manager for a future role to join our cybersecurity team. This role involves leading a team to ensure the confidentiality, integrity, and availability of critical information systems, while effectively mitigating risk through the use of advanced security tools, frameworks, and processes. The ideal candidate will have expertise in security operations, risk management, identity and access management (IAM), and the implementation of frameworks such as NIST and ISO 27001.
Key Responsibilities:
Lead the development, implementation, and management of information security policies and programs, ensuring alignment with industry standards such as NIST, ISO 27001, and CIS Controls.
Oversee risk management efforts, utilizing tools like RSA Archer, RiskLens, and OneTrust to assess and mitigate security risks, ensuring the effective application of the FAIR model.
Manage and optimize Security Information and Event Management (SIEM) solutions like Splunk, IBM QRadar, ArcSight, and LogRhythm to monitor, detect, and respond to security events and incidents.
Oversee the IAM program to ensure proper user access controls and authentication practices across systems and platforms.
Lead incident response efforts, using tools like TheHive, EnCase, FTK, and Autopsy for investigating and managing security incidents, and coordinating with forensic teams as needed.
Leverage threat intelligence tools like Recorded Future, Anomali ThreatStream, ThreatConnect, and MISP to identify emerging threats and improve prevention mechanisms.
Ensure the deployment and management of endpoint security tools such as CrowdStrike, Carbon Black, SentinelOne, and Microsoft Defender for Endpoint, as well as network defense tools like Palo Alto Networks, Cisco ASA, Fortinet FortiGate, and Snort.
Oversee the implementation of secure backup and recovery solutions, utilizing tools such as Zerto, Veeam Backup & Replication, Acronis Cyber Backup, and Druva.
Ensure compliance with relevant security frameworks and regulatory requirements through the use of audit tools and assessments aligned with ISO 27001, NIST Cybersecurity Framework, and others.
Required Skills & Qualifications:
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certifications are preferred.
Knowledge of ISO 27001, NIST Cybersecurity Framework, and CIS Controls.
Proficiency in SIEM tools such as Splunk, IBM QRadar, ArcSight, LogRhythm.
Hands-on experience with identity and access management (IAM) solutions and tools.
Expertise in risk management and risk assessment platforms like RSA Archer, RiskLens, and OneTrust.
Familiarity with data loss prevention (DLP) technologies and incident response tools like TheHive, EnCase, FTK, and Autopsy.
Experience with endpoint protection tools (CrowdStrike, Carbon Black, SentinelOne, Microsoft Defender for Endpoint).
Knowledge of threat intelligence platforms (Recorded Future, Anomali ThreatStream, ThreatConnect, MISP).
Advanced knowledge of firewalls and network security tools (Palo Alto Networks, Cisco ASA, Fortinet FortiGate, Snort, Suricata, Zeek).
Experience with backup and disaster recovery tools such as Zerto, Veeam, and Acronis.
Strong leadership and team management abilities.
Exceptional understanding of information security best practices, risk management, and governance frameworks.
Excellent communication and interpersonal skills to collaborate across departments and with external stakeholders.
Ability to develop and execute a comprehensive security program, balancing strategic planning with day-to-day operations.