0333 015 8000 Menu
  • LinkedIn
  • Google+

IT Security Manager

Location UK-Berkshire-Reading
Category Internal Systems
Type Permanent Full-Time

Overview

Ultima’s internal IT systems consist of a wide variety of technologies across various SaaS, PaaS and IaaS platforms as well as a legacy on premise system. This role is key to ensuring the ongoing support, maintenance, reliability and Security of these systems as well as providing 3rd line support working alongside an enthusiastic and motivated technical team.

 

The key objective is to drive the security of Ultima’s information systems and promote security awareness throughout the organisation. Working alongside our security consultants and solution architect teams, the IT manager and other members of the IT team, this will involve ensuring the security of all systems by implementing security baselines, performing regular audits and conducting user awareness training.

 

You’ll be proactive in staying ahead with the latest cyber security developments and the ability to champion security throughout the organisation.

 

This is a hands-on role and requires a high level of technical ability across a variety of systems.  Whilst the focus is information security, a broad knowledge of modern IT systems is also required to assist with the day to day running of the business and to help mentor other team members.

 

You will take responsibility for managing the volume of assigned tickets within our ITSM system and fulfilling incidents and requests in line with our SLAs and KPIs.

 

In this role you must always be highly motivated and able to provide the highest quality of customer service. You will need to provide accurate and timely information relating to on-going issues. The ability to write clear, factual notes into ITSM tickets is critical.


Responsibilities

  • Management of technical security compliance with company policy, educating stakeholders and working with them to achieve technical security compliance.
  • Maintains the technical security road map for the business, including technical aspects such as anti-malware, Data Loss Prevention (DLP), Security Event and Incident management (SIEM) and Intrusion Prevention / Detection Systems (IPS/DPS)
  • Promotes Security awareness, corporate learning and continual improvement across the business leading to a security aware culture which reduces risk.
  • Ensure security testing plans, with regular audits, are in place for all systems including our cloud ITSM and other SaaS applications.
  • Perform investigations and analysis of security breaches / non-compliance and 3rd parties in line with legislative and industry best practise.
  • Ensure delivery and support of security related project work to agreed time, resource, budget and quality parameters.
  • Mentor the IT team to drive security improvements.
  • Participate in DR and business continuity planning.
  • Participate in, and record, regular Cyber Security meetings with key stakeholders.
  • Ensure that all tickets passed to the internal systems team are responded to within pre-set service levels.
  • Identify relevant problem types and associated priorities.
  • Verify information back to the customer on the call details ensuring that all the relevant information is entered into the ITSM system in a detailed, clear and concise format.
  • Ensure internal processes are followed.
  • If necessary, progress tickets to other departments or third parties for further investigation ensuring regular updates and working towards a prompt resolution.
  • Maintain asset management systems for all IT and mobile device asset.
  • To play an active role within the IT team remaining flexible to support others during busy periods.
  • Actively strive to improve technical ability by self-study, organised in-house training and attendance of external courses.

Qualifications

  • General awareness and interest in IT security
  • Basic network troubleshooting knowledge
  • Understanding of various IT security protections such as AV, IPS, DLP, Sandboxing.
  • Good knowledge of email routing and security principals including DMARC
  • Good knowledge of cryptography and public key infrastructure
  • Experience in supporting an Endpoint Protection suite
  • Experience in supporting an enterprise grade firewall
  • Experience in supporting an email security platform, ideally Mimecast
  • Experience in supporting Microsoft security solutions
  • Experience with Azure security best practices