An exciting role (available full or part time (3-4 days a week) has become available for an experienced Cyber Security Manager to lead the design and execution of the cyber and information security strategy of a growing organisation in the renewable energy sector. We are a progressive employer offering a highly flexible work environment. The salary offered is commensurate with experience.
You would be working as part of a small, global IT team, reporting to the Global Head of Technology, where you would act as the SME on all aspects of cyber security, implementing and enforcing the appropriate structure, processes and communications around security governance, strategy, risk management, etc.
Our UK office is based in the West End of London, however the role will initially be fully remote. As we emerge from the pandemic, you would be expected to attend the office from time to time. We are therefore prepared to consider candidates who do not live in London but who are prepared to travel to the office as required. Regrettably, we cannot consider candidates who are based outside of the UK or anyone who does not have the right to live and work in the UK without sponsorship.
Core role responsibilities
- Design and implement a IT Security Strategy across the enterprise.
- Write, develop and implement all IT security policies, protocols and procedures
- Ensure that security policy and security standards are implemented and adhered to, and that exceptions are managed under governance
- Help identify and select new technologies / vendors to ensure security and compliance.
- Collaborate with the business teams and staff at all levels to promote the Information Security agenda.
- Develop and manage the continuous improvement of security controls.
Knowledge, skills and experience required.
- Significant experience with application security including threat modelling, API security, security architecture design and review
- Demonstrable experience contributing to or running security education programmes across IT teams and across wider business groups
- Ideally, you would have experience of working in smaller, scale up enterprises as well as bigger corporates in order bring the best practice of both to the role
- Deep knowledge of threat modelling, risk calculation and assessment.
- Communication skills are critical - you must have excellent, native or near native level English and be able to communicate effectively with other technical specialists, as well as colleagues at all levels of seniority within the company as well as external partners.
- You must be able to convey complex issues to both technical non-technical audiences in a way that is both succinct and compelling
- Candidates who can speak Italian and/ or Spanish would be at a distinct advantage.
- ISO/27001 certification and Zero Trust knowledge/ experience are desirable.