Cyber Security Assurance Manager

Project People
30 Jan 2024
27 Feb 2024
Job Type: Cyber Security
Employer Sector: Technology, IT & Telecoms
Contract Type: Full Time

Security Assurance Manager

Reading Green Park

Hybrid 2 days per week

About the Role:

We have a great opportunity to join a dynamic and innovative cyber security function. If you are ready to take your experience and career in security management to the next level, and you are a skilled and experienced Cyber Security Pro ready to lead and manage a cyber-security assurance function in the telecoms sector, read on and apply today.

Key Responsibilities:

Penetration Testing:

  • Manage pen test programs, assess findings, and coordinate remediation activities.
  • Validate potential vulnerabilities reported internally or externally.

Guidance and Collaboration:

  • Provide guidance on application security and DevSecOps best practices.
  • Collaborate on security content development and Red/Purple Team exercises with the Security Operations CERT/SOC.

Reporting and Escalation:

  • Liaise with SAAC and business teams to track product vulnerabilities during the project phase.

Stakeholder Management:

  • Manage internal stakeholders and suppliers, organising regular and ad-hoc vulnerability management meetings.

Risk Reduction:

  • Liaise with leadership, business, finance, SAAC, and GRC to progress issues.

Additional Responsibilities:

  • Support security champions, scope penetration tests, and manage the penetration testing program.
  • Collaborate with Software Engineers and SREs to ensure product security throughout the development lifecycle.
  • Conduct product security training and workshops.

About You:

  • Experience with industry security standards and regulations (ISO 27000 series, NIST SP 800 series, GDPR, etc.).
  • Knowledge of security and risk management techniques, emerging threats, and vulnerabilities.
  • Strong leadership and facilitation skills with the ability to build relationships.
  • Highly self-motivated, detail-oriented, and capable of driving change.
  • Knowledge of computer networking concepts, protocols, and network security methodologies.
  • Familiarity with penetration testing principles, tools, and techniques.
  • Familiarity with vulnerability tooling such as Qualys, Nessus, or Skybox is advantageous.
  • Understanding of OWASP, static and dynamic analysis, and vulnerability management.
  • Relevant security certifications (CISSP, CISM, CSSLP, OSCP, GIAC, GPEN, etc.).
  • University Degree in engineering, computer science, or a related technical field.

To find out more about the role please send through your CV to (url removed)

Project People is acting as an Employment Agency in relation to this vacancy.