The Role: BnM are seeking an experienced Technology Security Manager to lead and manage the Technology Security function.
The role will be responsible for defining technology security strategy, technology security decisions and implementation of a robust security programme, aligned with standards ISO***** and ISA/IEC *****.
Reporting to the Head of Technology, this leadership role requires expert experience managing IT & OT security systems, especially in electrical and industrial control environments.
The main duties and responsibilities of the role will include the following: Develop and oversee the implementation of the Technology Security Strategy.
This will involve collaboration with senior business stakeholders and technical management teams to align the Security Strategy with the requirements of the business.
Ability to establish and oversee the implementation of a multi-year cybersecurity roadmap.
Ability to translate technical risks to business risks to ensure management understanding and oversight.
Ability to develop and manage security budgets.
Establish and maintain internal and external industry relationships.
Must be comfortable engaging with senior management level stakeholders.
Manage relevant compliance requirements, including NIS2.
This management level role will be expert in completion of IT and OT risk assessments.
Coordinate the development and implementation of risk treatment plans with internal and outsourced suppliers.
Work with other risk professionals to ensure cyber risk is appropriately represented on business risk registers.
Excellent understanding of the cyber threat landscape and expert knowledge of key protection, detection and response technologies to support the mitigation of risks.
Excellent understanding of Data Governance, including but not limited to risk assessing AI, SaaS and hosted providers, identity and access controls and industry best practice on data sharing.
Manage the Information Security Management System (ISMS) in line with the requirements of ISO and maintain certification to this standard.
Establish, maintain, communicate and assess compliance with IT/OT security risk management policies.
This will include completion of security audits and assessments, and associated management level reporting.
Develop cybersecurity program performance metrics/dashboards to support operational, management, executive and board level reporting.
Excellent understanding of security principles in IT and OT environments.
Confident engaging with technical subject matter experts to address cyber risk.
Good understanding of IT/OT network principles.
Excellent understanding of cloud security concepts and good practice including M365, Azure and AWS cloud environments.
Integration of security into project management, including operational and strategic level projects.
Experience in the selection and management of the installation of security tools and services.
Implement the Technology Incident management policy for the business.
Ensure the ongoing effectiveness of incident prevention and detection controls.
Act as the initial incident response manager in the event of an incident occurring.
Assess security incidents to determine the impact on the business and to determine next steps.
Assess the effectiveness of Disaster recovery policy implementation and ensure appropriate testing is completed.
Support the implementation of the BCM policy and act as a subject matter expert to the business in the event of a continuity event or crisis occurring involving technology.
Expert in managing technology third party suppliers to ensure SLAs are met or exceeded.
This will include responsibility for and oversight of managed security services.
Establish and maintain the technology third party vendor management policy and procedure.
Completion of security due diligence requirements.
Partner with internal stakeholders to ensure the ongoing supervision of third party services.
Partner with internal stakeholders on Data Protection, GDPR DPIAs and data governance.
Good understanding of data protection legal principles.
Experience defining project security requirements.
All employees are expected to co-operate fully with all provisions taken by the company for ensuring Health and Safety, and Welfare of co-employees and members of the public using the premises.
Proactively participate in the Performance Management process to ensure delivery of own, and the wider team's objectives.
What we're looking for: The ideal candidate will possess the following qualifications, skills, knowledge, and attributes: 8+ years of IT, OT or hybrid IT/OT experience, ideally in the Energy/Utilities/IT Shared Services sector.
Master's Degree in Cybersecurity or Computer Science or equivalent desirable.
Professional certifications including CISSP, CISM, CISA, CRISC and GICSP or equivalent preferred.
Experience managing Operational Technology is a requirement.
Apply Now: If you're ready to join a team that's creating real impact, apply on or before 12 Jan ****.
BnM is an equal opportunities employer.
Skills: IT OT Cybersecurity Computer Science