IT Security Assurance Manager

Harris Global
London (Central)
From £85,000 to £120,000 per annum Benefits + Bonus
14 Oct 2016
24 Oct 2016
Contract Type
Security Control Assurance Manager Harris Global is currently recruiting for a Security Control Assurance Manager. My client is based in Central London as is accessible by numerous tube stations. The Organisation work across multiple financial markets & multiple asset classes. My client can offer a dynamic, flexible and highly stimulating working environment, where good ideas are prized and rewarded. The Role This is a rare opportunity for a motivated, meticulous, and technically-minded person to join and lead the Security Control Assurance team. The Security Control Assurance team is responsible for providing assurance of technical and process security control effectiveness, supporting security risk management activities and contributing to executive management reporting. This includes responsibility for the design, implementation, operation, maintenance and continuous improvement of the framework for continuously testing and reporting on all security controls. The Security Controls Assurance Manager will need a good working knowledge of underlying technologies used by security controls, and understand the objectives of security controls. The Security Control Assurance Manager will have the ability to switch between attack and defence mind frames and at the same time understand the business impact of discovered control weaknesses and gaps. The role requires someone with drive, energy and a passion for technical security, assessment of security controls, automation, and the ability to think outside of the box. The successful candidate will also have experience leading and managing a team, attention to detail and a desire to understand technology. The Individual The ideal candidate should have experience, knowledge and demonstrable ability in: · Minimum five years’ experience of technical security assessment / assurance testing (please note this is not an audit role). · Leading the development, implementation and operation of a security control assessment / assurance testing framework. · Strong verbal and written communication skills, including reporting for executive levels. · Experience and understanding of complex technical, process and architectural security controls. · Operating in time critical, complex, and outcome-focused technical environments. · Understanding complex software and system interactions. · Automated security compliance tools and automation of security control testing. · Leading, managing and growing a team. · Managing and prioritising a large number of requirements. Desirable skills: · Knowledge of IT risk and assurance frameworks (e.g. ISO, NIST, COBIT, PCI). · Penetration tools and techniques to discover ways of bypassing security controls. · Experience in software development, security design, testing, operations and/or IT operations. · Experience in one or more of the following scripting language: Python, PowerShell, PHP. · Security risk management. In addition, you will be expected to: · Work closely with the Security Risk Management team to ensure there is integration between the security risk and assurance functions. · Work closely with the Security Implementation Group to discuss security control assurance findings. · Keep up to date with emerging security vulnerabilities and threats. This job was originally posted as