IT Security Assurance Manager
Salary: £54,477 to £58,550 plus £2,623 location allowance.
Location: London: Lambeth, Kensington, and others
A rare and truly exciting career opportunity has arisen for an experienced IT Security Assurance Manager. Joining at a time of huge transformation, you’ll be key in assuring security standards are met across a complex and ever-changing digital portfolio used by over 40,000 staff. You’ll lead and assess all security ICT compliance processes, motivate an outstanding team and serve as the focal point for all security management communication for a major, London-based public sector organisation.
This opportunity would suit a career-minded professional with a passion for IT security compliance. In return you’ll receive a competitive salary, a £2.6k location allowance, an outstanding civil service pension, flexible working, training budgets, childcare support, fitness facilities and an array of other benefits.
- With Security Panel as a monthly focal point, maintain a clear understanding of security compliance by SIAM and tower providers, deal with any gaps arising and if needed raise and manage risks
- Set up and run security assurance processes across non-SIAM and tower (including Log and Manage) suppliers, to include awareness raising, assessment of compliance, and an audit schedule aligned with ISO 27001
- Be the Service Delivery approver for security documents and requests including supplier documentation annual reviews, security aspect letters, contractual schedules, certificate requests, privilege access requests
- Provide line management to the Metadirectory team and a Security Assurance Officer
Required Skills and Experience
- Excellent knowledge of security ICT controls, strong service and supplier management skills and strong attention to detail.
- The ability to assess ICT security risks and incidents
- Knowledge of ISO27001
- The ability to scope and perform audits of supplier activities
- The ability to design and manage a programme of ongoing assurance activity tailored to known areas of risk
- Knowledge of ITIL v3 and preferably its application by 3rd party suppliers
- The ability to review and approve / reject certificate requests
- An understanding of operational policing and its use of ICT
- Experience of working with and managing outsource service suppliers in an enterprise ICT environment
- The ability to review operational security reports and exceptions and ensure appropriate actions are taken
Please note that interested candidates will be subject to extensive security vetting at National Security Vetting (NSV) Security Check (enhanced) (SC(e)) level before taking up the post, and must be willing to undergo Developed Vetting (DV) once in post, if required.