Senior Cyber Security Manager
- Castlefield Rd, Reigate RH2, UK
- Salary: Competitive
- Department: Technology
- Working Hours: 35 hours per week
Here at esure, we’re no strangers to change. As one of the industry leaders in the insurance business, striving to become a world class digital insurer, we’re getting ready for more. It’s creating great new opportunities for innovative and talented industry professionals to join us at a pivotal point in our development.
It’s an opportunity you simply don’t want to miss. You can expect our investment in you to include a highly competitive package, career and development opportunities and flexible benefits built around you and your lifestyle.
Purpose of Role:
We are looking for an experienced Cyber Security Manager to lead our technical security engineers.
The Day to Day:
- Reporting to the CISO, this technical leadership role is responsible for driving and implementing security initiatives advising internal SME's and MSSP to protect the business from security threats and cyber-attacks and deliver best practice security controls and processes.
- Refine and execute the CISO’s strategy for the development of information security technologies, cyber risk management, policies and practices to secure protected and sensitive data while ensuring information security and compliance with applicable regulations.
- Provide hands-on leadership in risk identification to accurately map out critical security issues and recommendations through to oversight of implementation.
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
- Schedule and conduct periodic security assessments including desktop and red team exercises.
- Participate in leading industry forums and consortiums to represent business interests
- Proven experience working with compliance frameworks such as NIST, MITRE ATT&CK, and PCI DSS
- Exposure and knowledge against SOC and SIEM systems
- Python or/and PowerShell
- Experience of Data Leakage prevention strategies
- Security Incident handling and crisis management experience • At least one Security Compliance certification: CISSP, CEH
- The ability to communicate and collaborate with subject matter expert in security, while putting threats and incidents into business context
- Attention to detail
- Experience with security tools such as Metasploit, Kali Linux, Nmap, Burp Suite
- Incident playbook creation/management
- Red, Blue & Purple teaming exercises
- Experience within AWS Professional growth
We are committed to continual learning; the individual would be supported to grow in missing disciplines e.g. :
- AWS Security
- EC-Council Certified Incident Handler
- CRISC or FAIR
- A competitive salary that recognises your skills, experience and potential
- 28 days annual leave plus 8 flex days (equivalent to bank holidays to be taken as and when suits you)
- Bonus scheme
- Flexible working – including hybrid working post covid
- Staff discount on our products
In light of the current Covid-19 pandemic, we want to emphasise to all applicants that the safety and wellbeing of our candidates and colleagues is esure Group’s number one priority. All interviews will be conducted remotely via a video conference platform to ensure that everyone involved is adhering to the social distancing guidance.