Senior Technical Security Manager
- Recruiter
- Confidential
- Location
- United Kingdom
- Salary
- Competitive
- Posted
- 20 Jun 2022
- Closes
- 12 Jul 2022
- Sectors
- Facilities Management
- Contract Type
- Permanent
- Hours
- Full Time
About the role
The Technical Security Manager is responsible for leading the Cyber Security and Technical Operations function in Security. Working in partnership with our MSSP, you ll ensure that existing and new systems adhere to the Security controls mandated by the business and provide ongoing detection and event management capability. You ll liaise closely with stakeholders across the company to provide expert strategy, risk and technical advice, and support on cyber security, both for business-as-usual and planned projects. The role requires a broad range of cyber and information security skills, knowledge and experience.
Key responsibilities include:
Managing the services provided by our security partners, ensuring delivery of services are within agreed parameters.
Working closely with the IT Operations, Architects and management teams to support in defining, delivering and maintaining infrastructure that creates a secure operating environment for the business and colleagues.
Leading and managing the Technical Security team through the entire employee life cycle.
Leading the development, configuration and operations of security tooling to improve our protection and detection capability.
Providing resource and assisting in ongoing investigations, with forensic and response activities, for information Security Incidents, events and issues in accordance with relevant procedures and standards.
Supporting Information Security team in client engagements and solution offerings.
Leading in vulnerability management, setting appropriate risk and priority levels for identified vulnerabilities to ensure we maintain an effective cyber security posture.
Assuring Cyber Security is considered and architected in all aspects of design and development of systems and processes by a Secure Systems Development Lifecycle capability.
Maintaining awareness of emerging security threats, trends and issues.
Assisting in the creation, testing and implementation of response and recovery plans in support of incident management threat modelling.
Managing regular Phishing simulations and scheduled red teaming exercises to measure the effectiveness of our cyber security capability.
Performing technical assessments of new and existing processing systems, identifying potential weaknesses and recommending suitable protection measures.
Ensuring that threats and vulnerabilities are managed appropriately, and remediation is carried out according to agreed timescales and in line with Incident Response.
Providing subject matter expertise as required for key projects, functions and services; providing regular, timely reporting on the cyber security status across the supported business units.
Skills and experience required
Extensive Cyber Security knowledge across multiple practices, including Threat Management, Security Operations and Testing.
An excellent understanding of current and emerging technology practices.
Expertise to plan and execute projects, to agreed timescales.
Aptitude to gather and analyse threat intelligence from multiple sources and disseminate the information effectively to affected stakeholders.
Some experience of designing and implementing security architecture.
Knowledge of security frameworks (ISO 27001, NIST, Cyber Essentials, etc).
Some knowledge of Azure or other cloud-based architecture desirable.
Broad understanding of the services that the Zellis provides to its customer base, and map this to Cyber Security policies and standards.
Insight and intimate understanding of existing and new service contracts as they relate to Cyber Security and Data Protection.
Develops a very good working knowledge of the procedures and tools used within the security practice.
Excellent role model and people manager.
Appreciative of Zellis Performance Management practices, including training needs and mentoring of direct reports.
Demonstrate excellent communication skills, with a confident and reassuring customer-facing style; ability to work effectively under pressure, keeping a calm and respectable demeanour always. Takes ownership of issues and is proactive in resolution. Creative in problem solving, always considering the art of the possible.
About Us
Zellis is the leading provider of payroll and HR solutions for the UK & Ireland. Together with Benefex and Moorepay we form the Zellis Group, serving a vast array of companies across every vertical and industry. Our purpose is to make people feel appreciated for the work they do - through precision, choice, and magic.
We have over 50 years of heritage and industry experience - and we ve been ahead of the curve throughout. More than half a century ago, we were founded as Peterborough Data Processing. Quite a lot has changed since then - not least our name. We were acquired by Northgate, becoming NorthgateArinso in 2007 and NGA Human Resources UK and Ireland in 2014, where we were joined by Moorepay. In 2018, the UK and Ireland division was sold to Bain Capital and now we operate as a standalone company, Zellis. After acquiring Benefex, we re now even better equipped to serve the complex needs of our customers.
Our vision is to be the clear leader in pay, reward, analytics, and people experiences. We re proud of our culture and we work hard to create an environment where people want to join, belong to, and be part of a progressive organisation. Our values, which were defined with input from all of our 2,000 colleagues, are not empty words on a poster:
Unstoppable together.
Always learning.
Make it count
The Technical Security Manager is responsible for leading the Cyber Security and Technical Operations function in Security. Working in partnership with our MSSP, you ll ensure that existing and new systems adhere to the Security controls mandated by the business and provide ongoing detection and event management capability. You ll liaise closely with stakeholders across the company to provide expert strategy, risk and technical advice, and support on cyber security, both for business-as-usual and planned projects. The role requires a broad range of cyber and information security skills, knowledge and experience.
Key responsibilities include:
Managing the services provided by our security partners, ensuring delivery of services are within agreed parameters.
Working closely with the IT Operations, Architects and management teams to support in defining, delivering and maintaining infrastructure that creates a secure operating environment for the business and colleagues.
Leading and managing the Technical Security team through the entire employee life cycle.
Leading the development, configuration and operations of security tooling to improve our protection and detection capability.
Providing resource and assisting in ongoing investigations, with forensic and response activities, for information Security Incidents, events and issues in accordance with relevant procedures and standards.
Supporting Information Security team in client engagements and solution offerings.
Leading in vulnerability management, setting appropriate risk and priority levels for identified vulnerabilities to ensure we maintain an effective cyber security posture.
Assuring Cyber Security is considered and architected in all aspects of design and development of systems and processes by a Secure Systems Development Lifecycle capability.
Maintaining awareness of emerging security threats, trends and issues.
Assisting in the creation, testing and implementation of response and recovery plans in support of incident management threat modelling.
Managing regular Phishing simulations and scheduled red teaming exercises to measure the effectiveness of our cyber security capability.
Performing technical assessments of new and existing processing systems, identifying potential weaknesses and recommending suitable protection measures.
Ensuring that threats and vulnerabilities are managed appropriately, and remediation is carried out according to agreed timescales and in line with Incident Response.
Providing subject matter expertise as required for key projects, functions and services; providing regular, timely reporting on the cyber security status across the supported business units.
Skills and experience required
Extensive Cyber Security knowledge across multiple practices, including Threat Management, Security Operations and Testing.
An excellent understanding of current and emerging technology practices.
Expertise to plan and execute projects, to agreed timescales.
Aptitude to gather and analyse threat intelligence from multiple sources and disseminate the information effectively to affected stakeholders.
Some experience of designing and implementing security architecture.
Knowledge of security frameworks (ISO 27001, NIST, Cyber Essentials, etc).
Some knowledge of Azure or other cloud-based architecture desirable.
Broad understanding of the services that the Zellis provides to its customer base, and map this to Cyber Security policies and standards.
Insight and intimate understanding of existing and new service contracts as they relate to Cyber Security and Data Protection.
Develops a very good working knowledge of the procedures and tools used within the security practice.
Excellent role model and people manager.
Appreciative of Zellis Performance Management practices, including training needs and mentoring of direct reports.
Demonstrate excellent communication skills, with a confident and reassuring customer-facing style; ability to work effectively under pressure, keeping a calm and respectable demeanour always. Takes ownership of issues and is proactive in resolution. Creative in problem solving, always considering the art of the possible.
About Us
Zellis is the leading provider of payroll and HR solutions for the UK & Ireland. Together with Benefex and Moorepay we form the Zellis Group, serving a vast array of companies across every vertical and industry. Our purpose is to make people feel appreciated for the work they do - through precision, choice, and magic.
We have over 50 years of heritage and industry experience - and we ve been ahead of the curve throughout. More than half a century ago, we were founded as Peterborough Data Processing. Quite a lot has changed since then - not least our name. We were acquired by Northgate, becoming NorthgateArinso in 2007 and NGA Human Resources UK and Ireland in 2014, where we were joined by Moorepay. In 2018, the UK and Ireland division was sold to Bain Capital and now we operate as a standalone company, Zellis. After acquiring Benefex, we re now even better equipped to serve the complex needs of our customers.
Our vision is to be the clear leader in pay, reward, analytics, and people experiences. We re proud of our culture and we work hard to create an environment where people want to join, belong to, and be part of a progressive organisation. Our values, which were defined with input from all of our 2,000 colleagues, are not empty words on a poster:
Unstoppable together.
Always learning.
Make it count