The ICT Security Control and Audit Manager
Our Client, are a dynamic organisation within the consumer products sector; at the core of their success has been their ability to adapt and change in an ever increasing and highly competitive field. They have implemented a state of the Art IT Infrastructure that has helped cement their success and allow them to grow at a fast pace and meet change head on!
The ICT Security Control and Audit Manager will be required to monitor and report on ICT Security services and solutions in line with business objectives and needs, and agreed service levels and quality.
- Act as ICT Lead in all aspects of planning, execution and reporting for ICT internal controls, PCI compliance, Information security and auditing.
- Design, advise and guide the development of controls in line with service introduction to ensure all new and improved services comply with the IT controls framework
- Manage the execution of ICT control tests competently, identify control issues/exceptions and ensure they are, well defined and that root causes are analysed, discussed and addressed.
- Ensure analysis, coordination and publication of appropriate reports on incidents, events of interest and control failures.
- Governance of ICT security processes, policies and procedures, risk management and disaster recovery
- Provide IT Security advice, guidance and support for projects.
- Maintain a programme of continuous monitoring, scanning and testing to provide assurance that IT Security standards are being adhered to.
- Effective Risk Management covering development and implementation of risk assessment methodologies; performing risk assessments and recommending effective mitigating controls
- Monitor vulnerability assessments and ethical hacks, ensuring that issues are addressed.
The Incumbent will also address with regard to all IT Security issues.
Continual service Improvement
Reporting communicate and update relevant stakeholders on the on-going operation of services, incident management and improvement programmes,
Review metrics reports and provide input into dashboards and Balanced scorecards as required.
Partner / Vendor management
Ensure technology partners / vendors adhere to Company policies, procedures and standards.
Monitor the overall level of service provided by Technology Service Partner/s including service levels, incidents, process and change management, processes, standards and procedures - and instigating appropriate actions to address any issues or gaps, benchmarking to ensure best in class.
Commercial / Financial
Participate in appropriate commercial negotiations.
Support budgetary management of ICT Opex.
Documentation and standards
Leads with the creation and maintenance of the necessary level of process documentation
Required Education and Experience
10+ years’ experience IT Security management, preferably with experience in Security Operations or core security technologies.
Familiarity with the tools and techniques used by ethical hackers including vulnerability scanners and network mapping tools an asset.
Professional designation relating to Information Security (e.g. CISSP, CISM, CISA) is an advantage but not mandatory.
Good knowledge of IT standards and methodologies including ISO 27k, PCI DSS, COBIT, ITIL, etc.
Extensive background in IT Security, Risk Management, Compliance, IT DR and BCP.
Ability to effectively drive and influence people, process and technology change in a complex operating environment
Excellent oral and written communication skills, including the ability to explain IT Security concepts and consequences to business leaders
Strategic awareness and ability to shape the short, medium and longer term strategy for IT Security
Exceptional ability to motivate and influence key contacts and decision makers required.
Excellent communications skills coupled with a thorough knowledge of the business
Proven track record in striving for continuous improvement and driving efficiencies, whilst maintaining high levels of customer satisfaction.
Proven team player in working with one's peers to ensure that delivery of service is timely, efficient and of high quality.
Excellent verbal, written communication and presentation skills together with the ability to deliver customer presentation skills to board level.
Proven commercial awareness and a track record of working with vendors/partners.
Experience in creating a high-performance culture through target setting, performance evaluation, and employee engagement.
Project Management capabilities with ability to plan, initiate, monitor and implement projects within a team.
Please send your CV via the link, your application will have a prompt response.