Net Talent are delighted to have partnered with an established logistics business based in Glasgow as they look to appoint their first IT Security Manager.
The IT Security Manager will manage the Group’s IT security posture. The successful candidate will be responsible for leading a small cyber security team and managing the implementation of security strategies and accreditations (ISO27001, Cyber Essentials +, NIST). The role holder will work closely with various departments to identify potential security risks, develop mitigation plans, and respond to security incidents.
Ideally you will have a technical background with a sound understanding of networks and infrastructure, but this is not a prerequisite.
Key Responsibilities:
Leadership & Strategy:
- Lead and manage the cyber security team, including recruitment, mentoring, and performance evaluations.
- Develop and implement a comprehensive cyber security strategy aligned with the organisation's business objectives.
- Stay updated on emerging cyber security threats, industry trends, and regulatory requirements to adjust strategies and policies accordingly.
Risk Management:
- Conduct regular security risk assessments to identify potential vulnerabilities within the organisation's IT infrastructure.
- Develop and implement risk mitigation plans, ensuring that all identified risks are addressed promptly.
- Collaborate with IT and business units to integrate security best practices into all business processes.
Incident Response & Recovery:
- Oversee the development and execution of incident response plans and procedures.
- Lead the response to cyber security incidents, coordinating efforts across teams to minimise damage and ensure a swift recovery.
- Conduct post-incident analysis to identify lessons learned and implement improvements.
Security Operations:
- Ensure the continuous monitoring of networks, systems, and applications for security anomalies.
- Oversee the management and maintenance of security tools such as firewalls, intrusion detection/prevention systems, and antivirus solutions.
- Ensure that security patches and updates are applied in a timely manner across all systems.
Compliance & Governance:
- Ensure the organisation’s security practices comply with relevant regulations, standards, and frameworks (e.g., GDPR, ISO27001, NIST).
- Develop and enforce security policies, procedures, and standards across the organisation.
- Prepare and deliver regular reports to senior management on the status of the organisation’s security posture.
Training & Awareness:
- Develop and implement cyber security training programs for employees to promote security awareness and best practices.
- Organise regular security drills and simulations to ensure preparedness for potential cyber threats.
What we are looking for:
- Technical Skills: In-depth knowledge of cyber security frameworks, risk management, incident response, and security operations. Proficiency with security tools and technologies.
- Previous experience of delivering ISO27001 and Cyber Essentials + standards.
- Track record of designing and implementing cyber security processes & policies.
- Proven experience of monitoring and tracking security risks and threats.
- Proficiency in IT infrastructure and networking is desirable.
- Strong leadership and team management skills.
- Excellent communication and interpersonal abilities.
- Strategic thinking with the ability to implement practical solutions.
- High level of integrity and professionalism.
- Ability to work under pressure and handle multiple priorities.
Compensation: There is a salary of up to £70k on offer, depending on experience.