Job Title:
Information Security Manager
-----------------------------------
The role of Information Security Manager involves developing, implementing and managing the university's information security strategy, policies and procedures. This includes ensuring the protection of the university's information assets, systems and data from evolving cyber threats.
The Information Security Manager will lead a team of security professionals, collaborate with various stakeholders across the university and ensure compliance with relevant regulations and best practices.
This is an exciting opportunity for an experienced Information Security professional to join our team and contribute to the development and implementation of our information security strategy.
Key Responsibilities:
* Develop and implement a comprehensive information security strategy aligned with the university's mission and risk appetite.
* Take ownership of the university information security risk register and implement risk mitigations.
* Lead the design, implementation and management of security architecture, controls and solutions across all university systems and networks.
* Manage the university's incident response plan, responses to incidents and lead regular tabletop exercises.
* Drive regular security assessments, vulnerability scanning and penetration testing to identify and remediate security weaknesses.
* Develop and enforce information security policies, standards and guidelines, ensuring compliance with university policies and procedures, relevant regulations and industry best practices.
* Manage and mentor a team of cybersecurity professionals, fostering a culture of continuous learning, collaboration and high performance.
* Collaborate with all relevant stakeholders to integrate security into all stages of the system development lifecycle and operational processes.
* Provide expert advice, guidance and reports on information security matters to senior management and various university stakeholders.
* Take full ownership for the research, evaluation and smooth implementation of new or updated information security hardware and software into the university environment.
* Provide technical and managerial expertise for the administration of security tools.
* Manage vendor relationships for information security tools and services, including contract negotiation, performance monitoring and ensuring cost-effectiveness.
* Oversee the delivery and ongoing development of security awareness training programs for all university staff and students.
* Stay abreast of the latest cybersecurity threats, trends, technologies and regulatory changes, and adapt the university's security posture accordingly.
* Oversee the implementation of security best practices in cloud environments and with emerging technologies such as artificial intelligence.
* Participate in relevant university and sectoral committees, and project groups as required.
Requirements:
* Primary degree or equivalent in Information Technology, Computer Science or a closely related field.
* At least 5 years of leadership and IT management experience, with a significant focus on information security.
* Relevant professional certifications such as CISSP, CISM, CISA or equivalent are highly desirable.
* A post-graduate degree (Master's Degree level or equivalent) is desirable.
* Experience in a university environment is desirable.
* Demonstrable experience working at a senior level in large and complex organisational environments, with a proven ability to manage and enhance security posture.
* In-depth knowledge of security frameworks (e.g. NIST, ISO 27001), regulations (e.g. GDPR, NIS2) and industry best practices.
* Strong understanding of network security, application security, cloud security, data security and identity and access management.
* Experience with security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), firewalls and other security technologies.
* Proven experience in incident response, vulnerability management and risk assessment.
* Demonstrated ability to lead, motivate and develop a technical team.
Benefits:
The successful candidate will receive a competitive salary and benefits package, commensurate with qualifications and experience.
The University offers a range of employee benefits, including flexible working arrangements, professional development opportunities and a commitment to equality, diversity and inclusion.