Cyber Security Manager

Summary

Join NEC Software Solutions as a Security Manager and contribute to a world of difference! This hybrid or remote role involves managing the delivery of security and accreditation to NEC's business and customers. Collaborate with the InfoSec team, architecture team, technology teams, and Data Protection Officer to create, update, and maintain security processes, procedures, and policies. Produce security assurance documentation for customer accreditations, support security testing, develop remediation plans, and drive vulnerability remediation. Contribute to procurement bids and security questionnaires, and support the InfoSec team in responding to security incidents. The successful candidate will report to the Cyber Assurance Manager and work closely with a diverse InfoSec team. This role requires travel to NEC offices on an ad-hoc basis.

Requirements

• Demonstrable Experience in an IT role, with a strong understanding of security concepts/fundamentals
• Proven experience working in an IT security role
• Strong knowledge of cybersecurity frameworks, standards, and regulations
• A good understanding of an approach to risk management – knowing that context is key
• Experience in writing comprehensive responses to security questionnaires or bids
• A strong focus on business outcomes
• Strong and demonstrated team working experience
• High degree of personal motivation and ability to self-manage
• Ability to communicate security and technical solutions to non-technical or security resources internally and external to NEC
• Comfortable with collaboration, open communication and reaching across a range of functions and teams
• Excellent verbal and written communication skills
• Candidates must be security cleared (or able to gain clearance) to MOD SC and Non-Police Personnel Vetting Level 3 (NPPV)
• Pre-employment checks required
• Baseline Standard and Disclosure Scotland (BPSS)
• On employment the candidate must be able to achieve and maintain Security Clearance

Responsibilities

• Work within the InfoSec team to support the key activities
• Provide consistent and qualified responses to tenders and assurance questionnaires from customers
• Produce and maintain security assurance documentation required for accreditation
• Ensure compliance with relevant security standards, service management procedures, regulations, and industry best practices
• Schedule security testing and create remediation plans from the test reports- seeing remediation through to completion
• Contribute to process documentation and policy review
• Conduct security assessments and audits on people, process and technology within NEC
• Assist in security incident management and vulnerability management

Preferred Qualifications

• Delivering pragmatic security assurance documentation aligned to varying degrees of risk appetite
• Exposure to security testing process and reports such as penetration testing
• Experience working within a shared environment with multiple tenants and requirements
• Experience in working on solutions or projects that require formal independent accreditations
• Working knowledge of Cyber Essentials Plus

Benefits

• Private Medical Cover funded by NEC for Employees (with the option to add family members at an additional cost)
• 25 days paid holiday with the option to buy/sell
• 4 x basic salary life assurance cover funded by NEC (with the option to increase cover at an additional cost)
• A Group Pension Plan with fantastic employer contributions up to a maximum of 8.5%
• A selection of flexible benefits to suit your individual needs