Cyber Security Manager


Premium Job From Carlisle City Council

Recruiter

Carlisle City Council

Listed on

1st October 2021

Location

Carlisle

Type

Permanent

Start Date

ASAP

This job has now expired please search on the home page to find live IT Jobs.

Cyber Security Manager

Full Time (37 hours a week)

Up to £41,881

This is a new position which means we are looking for a motivated and enthusiastic Cyber Security Manager to help establish and develop good practice within the service and the wider Authority. The role offers the opportunity for hybrid working in a flexible service.  

The post holder will become the Authority's expert in Cyber Security. They will have responsibility for the effective operational management of the Cyber Security agenda across the Authority, ensuring the protection of IT Systems utilised to support customer and back-office functions. This person is expected to become expert in and up to date with policies, procedures, legislation, and good practice surrounding Cyber Security.

This is a varied hands-on role that involves working closely with all areas of ICT Services and the wider organisation to promote and develop a security first approach and practice.

You will support the ICT Service teams in strategic security projects focusing on patching and vulnerability management.

Responsibilities / Essential Skills

Reporting to the Head of Digital and Technology, you will be responsible for driving and implementing security initiatives to protect the business from security threats and cyber-attacks, delivering best practice security controls and processes

Establish and execute the security strategy for the development of information security technologies, cyber risk management and policies and practices while ensuring information security and compliance within applicable regulations

Providing hands-on leadership in risk identification to accurately map out critical security issues and recommendations

Plan and manage security testing and simulations, including red assessments and phishing simulations.

Investigate and respond to breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities

Scheduling and conducting periodic security assessments, including desktop and red team exercises.

Proven experience of strategically leading security operations.

Ability to communicate at all levels (technical / non-technical) with clarity and precision, both written and verbally.

Ideally hold at least one Security Compliance certification (CISSP, CEH, CISM)

Main Skills/ Requirements:

Security Incident Management and Crisis Management experience

Sound knowledge and experience with compliance frameworks such as NIST, MITRE ATT&CK, and PCI DSS

Experience with SIEM systems

Scripting with Python and/or PowerShell

Experience of Data Leakage prevention strategies

Excellent understanding across multiple technology areas - Networking, Operating Systems (Windows, Linux, and Mac), Application Security, AWS.

Experience leading investigations, threat hunting and writing playbooks.

Knowledge of Mitre security framework, NIST standards and Controls, ISO27001 and PCI-DSS

Knowledge of Microsoft Azure Sentinel and Defender Advanced Threat Protection.

Knowledge of Microsoft Active Directory.

We offer an excellent benefits package with flexible working, a generous pension scheme and fabulous development opportunities.

The closing date for applications is 12 noon on Friday 22 October 2021 and interviews are anticipated to take place week commencing 8 November 2021.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: