WHO CAN APPLY?

Essential criteria :

• Higher-level qualification in an IT Discipline.
• A minimum of 5 years’ experience in IT security or a related field.
• Experience leading a team.
• Excellent working knowledge of Information Security (including ISO27001)
• Experience of phishing campaigns and user awareness training.
• Broad awareness of hardware/software security products.
• Professional attitude towards learning and development, demonstrated by a record of continuing professional development.
• Right to work in the UK.

Desirable criteria:

• CEH, OSCP, OSCE, GIAC, GCIA, GSEC, Security+ or other relevant security qualifications.
• Previous experince working in an regulated environment.

PLEASE NOTE, GIVEN THE NATURE OF THIS ROLE, THE SUCCESSFUL CANDIDATE WILL REQUIRE TO UNDERTAKE AN ACCESSNI BACKGROUND CHECK.

Location: Randox Science Park, 30 Randalstown Road, Antrim, BT41 4FL. (Onsite)
Contract Offered: Full-time, Permanent, Onsite working.
Working Hours/Shifts: 40 hours per week, Monday to Friday.

WHAT DOES THE IT SECURITY MANAGER ROLE INVOLVE?

This role will be responsible for leading and developing a small team of IT Security Analysts to deliver a comprehensive information and security plan for Randox ensuring all IT systems, data, and access are secured and protected. The successful candidate would also serve as the company compliance officer with respect to security policies and regulations.

This is an varied role that will require you to develop a varied skillset including:

• Carrying out technical vulnerability assessments of IT systems and processes, identifying potential vulnerabilities, making recommendations to control any risks identified and to ensure they are implemented.
• Developing and maintaining the information security policy, accompanying standards and procedures.
• Responding rapidly and effectively to IT security incidents, managing them in a professional manner including computer forensics for evidence gathering and preservation.
• Promoting security awareness by developing and implementing a security awareness and training programme.
• Working with internal stakeholders to promote and improve information security and provide security advice on procurements, projects, and new initiatives as required.
• Applying the Data Protection Act, the Freedom of Information Act, and other related legislation, standards and codes of practice.
• Applying the ISO/IEC 27001 Information Security Management Standard.
• Staying on top of emerging trends, risks, new guidance or standards (internal or external) and security-enhancing technologies.
• Conducting network security analysis, monitoring and incident response, as well as maintenance and configuration of network security tools.
• Leading and delivering change and contributing to a positive working environment.