
IT Security Lead

Reed
Posted 7 days ago, valid for 17 days
Location

Durham, Durham DH1 5UL, England

Salary

£60,000 - £72,000 per annum

Contract type

Full Time

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Sonic Summary

  • A national FinTech is seeking an IT Security Lead to oversee cyber security strategies and ensure compliance with security policies.
  • The role requires a minimum of 5 years of experience in information security, particularly in conducting assurance reviews in outsourced environments.
  • Candidates should have experience with ISO27001, NIST, and Cyber Essentials, and possess either CISM or CISSP certification.
  • The position offers a salary of £70,000 to £80,000, along with benefits such as flexible hybrid working, 25 days of annual leave, and a performance-related pay bonus.
  • The role is 40% office-based in Durham, Glasgow, or London, and applicants must be eligible to work in the UK and for SC clearance.

A national FinTech that prioritises protecting its people is searching for an IT Security Lead to provide oversight and assurance of all cyber security strategies, policies and standards. This business is now using multiple external service providers in a Business Process Outsourcing arrangement. The business's digital presence will expand, which means cyber defence needs to be a top priority.

As an IT Security Lead, you will support the Information Security manager by:

  • Conducting assurance activities.
  • Serving as the primary contact for suppliers delivering customer services, including IT capability.
  • Reviewing evidence from suppliers to ensure compliance with security policies.
  • Identifying security risks and escalating them through governance.
  • Providing an objective opinion on control implementation by suppliers.

Your key responsibilities will include:

  • Security Risk Management:
    • Proactively identify, escalate, monitor, and manage security risks associated with business activities.
    • Collaborate with suppliers to understand their control environment and assess risk levels.
  • Assurance Plan:
    • Follow a predefined assurance plan to sample test suppliers’ control environments.
    • Escalate identified issues that could impact the risk profile.
    • Review objective evidence to assess compliance and risk.
    • Challenge suppliers when control failures are evident.
  • Relationship Management:
    • Build strong relationships across the organization.
    • Foster a security-focused culture with service providers and clients.
    • Focus on continuous improvement aligned with evolving threats.
  • Governance:
    • Attend security working groups with suppliers to assess control effectiveness.
    • Monitor supplier performance and ensure effective response to threats and incidents.
  • Security Awareness:
    • Provide subject matter expertise to colleagues and suppliers, promoting good security practices.

Experience required for this role:

  • Worked in information security, conducting objective-based assurance reviews in an outsourced environment.
  • Identified information security risks and developed risk mitigation plans, ensuring compliance through evidence review.
  • Challenged suppliers on their cyber security controls.
  • Experience with ISO27001, NIST and Cyber Essentials.

Key Skills:

  • Analysed complex technical information to provide relevant advice and guidance.
  • Supplier management from an information security perspective.
  • Evaluation of supplier services and their ability to meet information security standards.
  • Demonstrated effective planning, organization, and resource utilization.

Preferred Qualifications:

  • CISM or CISSP certification or equivalent relevant experience.

Benefits include:

  • Tailored Learning and Development
  • Flexible Hybrid Working
  • 9-Day Fortnight Scheme
  • Inclusive Culture
  • 27% average employer contribution.
  • Annual Leave - 25 days, increasing to 30 days.
  • Performance-Related Pay Bonus
  • Enhanced Family Leave

Next Steps? If you would like to know anything more about this role, or even just want to hear what other Infrastructure, Cloud and Security positions I have that may also be a good match for you, then please apply to this advert or catch me on LinkedIn "Hayley Bee

You must be fully eligible to work in the UK to apply for this position and be eligible for SC clearance. This role is 40% office-based in Durham, Glasgow or London.
