IT Security Manager – Edinburgh
Do you enjoy working in a fast–paced change environment? Want to feel part of a growing financial services brand?
At Sainsbury’s Bank, we’re proud to be different, as well as being the first major British supermarket to open a bank, our colleagues, values and inspiring new office create a great working environment where we can focus on our customer needs, satisfaction and service.
In this role you will manage the operational security of IT provided services, delivering a robust assurance process across the Bank’s outsourced IT estate. You will positively challenge the effectiveness of IT Security operational processes across the IT supply chain, helping to ensure that the end–to–end IT environment operates within the Bank’s policies, standards and risk appetite. You will also manage the IT Security control testing and supplier assurance regime.
Your role responsibilities will include:
Setting the requirement for IT Security specifications for the Bank across the end–to–end IT supply chain.
Reviewing and approving Change designs to ensure appropriate IT Security controls are built in. Reviewing pre–live changes to ensure appropriate IT Security controls have been implemented as agreed at design stage.
Developing, maintaining and executing an IT Security Testing and assurance plan which evidences effectiveness of controls for the end–to–end IT Supply chain including: Infrastructure & Application currency; IT Security Controls; Vulnerability & Penetration testing; Service Continuity & Disaster Recovery; Privileged Access Management; Data Security; Operational IT Security processes.
Managing an IT Security action and remediation register, ensuring visibility of activity and that all actions and remediation activities are driven to closure according to agreed timescales.
Managing the development and maintenance of an effective Role Based Access Control (RBAC) Framework for the Bank. Managing and controlling user access provisioning within the RBAC control framework.
Ensuring delivery of appropriate MI/reporting and analysis for all aspects of IT Security.
Preparation of regular and ad–hoc IT Security reports/packs for the IT Department, together with the preparation of IT Security certification and policy attestation packs.
Working collaboratively with the second/third lines of defence and Supplier Assurance team to ensure synergies in the IT Security control testing and supplier assurance approach.
Developing and maintaining a strong level of capability in relation to the Bank’s Risk Management Toolset.
Providing IT Security Management technical support and assistance using own judgement in risk analysis and management, escalating more complex queries.
Assessing and developing the IT department’s capabilities in IT Security to close skill gaps with an appropriate training and education plan.
Responsible for the continuous improvement of the IT Security Management methodology and approach.
Proactively identify and interpret changes in regulatory requirements, legislation and industry best practice that may affect the Bank and understand the impact these changes may have on the IT Security management regime.
Deliver analysis/reviews on individual assignments or well–defined tasks on larger projects.
Your skills, knowledge and experience:
Extensive experience of working in an IT Security environment, preferably within the financial services industry.
Good operational understanding of the ITIL (IT Service Management) framework, COBIT and ISO 27001.
CISM or CISSP certification beneficial.
Awareness of the benefits and constraints of operating in an outsourced IT supplier management framework and operating model.
Excellent organisation skills, including the ability to work under pressure and meet deadlines.
Ability to work using own initiative.
Strong written and verbal communication skills and the ability to communicate and challenge at all levels.
Proven analytical skills, judgement and reasoning ability.
Excellent knowledge of the relevant procedures, projects and services in own area of responsibility, including interpretation and application of best practices, and able to recognise a range of options and justifiably propose a recommended course of action.
Strong relationship management skills.
Sainsbury’s Bank offers an award–winning product range that includes insurance, savings, loans, credit cards and travel money. We are committed to providing a work environment where colleagues feel valued and can reach their full potential; to support this we offer a competitive salary and benefits package to ensure you have a rewarding career here at Sainsbury’s Bank.
Sainsburys Group provides a very diverse range of products and we value the same diversity within our business. We pride ourselves on being an equal opportunities employer.
Source: Telegraph.co.uk Jobs