Senior Technical Security Manager

Back to job search

Senior Technical Security Manager

  • Location:

    London

  • Contact:

    Junior Garba

  • Contact email:

    junior.garba@equitycity.co.uk

  • Job ref:

    540

  • Published:

    16 days ago

  • Expiry date:

    2025-03-09

Title: Senior Technical Security Manager
Location: London/ Hybrid 
Salary: Market Related

Job Profile Summary
As Senior Technical Security Manager, you will lead a team of cyber security specialists providing services across disciplines including Security Operations, Application & Cloud Security and Security Engineering. Whilst contributing your hands-on specialist skills in these areas, you will also lead the team in delivering / supporting

Job Description
  • Security Architecture, Assurance & Testing: Defining patterns / principles for secure service design, at both the application and infrastructure levels. Reviewing / assuring that service designs meet Enterprise security requirements. Identifying / addressing security vulnerabilities through automated / manual testing (e.g., pen. testing), incl. third parties.
  • Application Security: Embedding security within our Software Development Lifecycle (SDLC), identifying / remediating code-level security vulnerabilities (e.g. SAST, SCA, etc.).
  • Cloud Security Control & Management: Monitoring our cloud security posture and providing cloud workload protection, etc.
  • Security Monitoring: Collecting / analysing security log / threat information, triaging detected threats and taking appropriate action.
  • Incident Response: Responding to a confirmed cyber event / incident, containing any damage and remediating the cause, etc.
  • Threat & Vulnerability Management: Identifying, assessing, managing and remediating security vulnerabilities across our Enterprise, incl. threat intelligence.
  • Security Engineering: Building / maintaining our technical security controls across our Enterprise, incl. those supporting other cyber services.

Principal Accountabilities
  • Provide input to and challenge of the creation and delivery of Brit’s Cyber Security Strategy.
  • Take decisions in the absence of the CISO, as part of the Cyber Leadership Team.
  • Communicate with Business Owners regarding risks, vulnerabilities and remediation opportunities within their business processes and services / systems.
  • Lead, manage, coach and mentor team members to ensure high levels of performance.
  • Set and agree team member objectives to ensure achievement of results and monitor performance on an ongoing basis, taking remedial action as appropriate.
  • Own and deliver projects to improve Brit’s security posture, including the selection and management of security tools / technologies.
  • Perform security risk assessments and provide projects with guidance on “proportionately secure” implementations of technology and process (e.g., security architecture guardrails, etc.).
  • Work with second line functions to ensure technical security controls, such as those that support SOX compliance, are fit for purpose, optimised and operate effectively.
  • Carry out security audits of Brit and ensure compliance requirements and best practices are adhered to.
  • Create and ensure compliance with cyber security policies, processes and standards.
  • Review change projects / requests to ensure compliance with cyber security policies, processes and standards.
  • Work with other Technology Services Teams and Product Managers to ensure that Brit’s services / systems, both existing and emergent, are securely operated and maintained.
  • Work with our Managed Security Service Providers (MSSPs), Technology Services Teams and Product Managers to ensure that security events / incidents are identified, resolved and that appropriate actions are taken to prevent recurrence.
  • Implement and maintain KPIs and metrics to allow the monitoring of compliance with Brit’s security policies and processes and refer any problems to appropriate department managers or administrators.
  • Manage and resolve business-related security issues.
  • Perform product management / ownership of our security tooling, understanding and setting the strategic direction for key security applications and services.
  • Work with Brit’s CISO to provide regular updates on current and emerging market and organisational threats.

Education, Qualifications, Knowledge, Skills and Experience
  • Experience in technical roles of increasing responsibility within cyber / information security.
  • Strong experience of native security tooling / services in Microsoft Azure, e.g., Defender for Endpoint, Defender for Vulnerability Management and Sentinel, etc.
  • Strong technical knowledge of modern technology infrastructure / operations including networks, operating systems, databases, firewalls, anti-virus, VA and patch management, etc.
  • Degree educated in Computer Science / Engineering or a related discipline, or equivalent industry certifications / professional experience.
  • CISSP, CISM or CISA certifications (or similar) are desirable.
  • An understanding of UK insurance is desirable.
  • Awareness of the Data Protection Act (and GDPR), NIST CSF, CIS Critical Security Controls, FCA / PRA initiatives and similar best practice / regulatory frameworks.
  • Strong interpersonal and communication skills, experience of working with offshore / outsourced technology (including Security) teams.