Cyber Security Manager- Fiintech

at  N Brown Group Plc

JOB DETAILS

Salary Up to £85,000 per annum DOE
LocationManchester
Discipline Digital Technology
Reference018364
We’re looking for a passionate and experienced Cyber Security Manager with a proven track record of delivering software solutions to join a new ‘start-up’ division within N Brown.
As a member of the Castle Fintech team, you’ll be at the heart of a unique and exciting venture to assemble a new financial services platform. With a background in technology disruption or financial services (preferably retail credit), you’ll leverage your industry knowledge to design and deliver key security solutions for the platform. Operating like an independent start-up, within an established organisation, you’ll be completely at home with agile frameworks and will fully embrace iterative and flexible delivery approaches.

WHAT SKILLS AND EXPERIENCE WILL YOU HAVE?

• Good working knowledge of AWS security services and implementations, e.g. Security Hub, Control Tower, Organizations, SCPs, IAM entities and policies, Account lockdown and AI/ML tools like Macie and Guard Duty.
• You will also understand and maintain security compliance requirements e.g. DPA, GDPR, PCI DSS, SOC1, SOC2 and ISO27001.
• To have a personal and corporate awareness of current Information Security Issues, e.g. emerging vulnerabilities and zero-day exploits, and to identify appropriate risk mitigation counter-measures.
• Understanding of risk assessment methodologies and the ability to identify, assess, and prioritize security risks to the organization.
• Managing third party suppliers including SOC providers.
• The ability to work with teams and stakeholders across Castle to promote and facilitate security best practise.
• Excellent communication skills to effectively convey complex technical information to non-technical stakeholders, executives, and employees. This includes writing reports, creating policies, and conducting security training.
• Ability to analyse complex problems, troubleshoot security incidents, and develop effective solutions to mitigate security risks.

DESIRABLE QUALIFICATIONS:

• Certified Information Systems Security Professional (CISSP)
• Offensive Security Certified Professional (OSCP)

N BROWN – WHO WE ARE AND WHY WORK FOR US?

At N Brown, we’re committed to building a diverse workforce and creating an inclusive environment that values equality for all. Our vision is that by ‘championing inclusion, we’ll become the most loved and trusted fashion retailer’. Diversity, Equity, Inclusion and Belonging are, therefore, at the heart of our culture.
We’re a forward-thinking digital retailer with a financial services proposition to be proud of. We’re customer-obsessed, serving them through three core brands: JD Williams, Simply Be, and Jacamo. We’re experienced, with over 160 years of trading under our belt. We’re inclusive, as we believe in fashion without boundaries; and we’re sustainable, striving to make as little impact on the planet as possible.
In May 2024 we were delighted to be named one of The Sunday Times Best Places to Work 2024. We work hard to create a happy and inclusive culture for everyone and we’re so proud to have made this list - as voted for by our very own colleagues!

ABOUT THE ROLE

We are looking for experienced cyber security specialists, with a track record of facilitating change to help assure our future success in these areas. The Cyber Security Manager will oversee risk assessment and communication related to software and infrastructure vulnerabilities. They will collaborate with teams to identify vulnerabilities, prioritise risks, and improve the vulnerability management process, including continuous scanning and patch management.
The ideal candidate will also have experience of working with and managing third party suppliers operating a Security Operating Centre (SOC).

What will you do as an Cyber Security Manager at N Brown?

• Manage Castle Fintech’s ongoing cyber commitments to the business and help deliver operational security control measures, risk & governance frameworks and InfoSec principles and standards.
• Help identify emerging security threats, risks and vulnerabilities to ensure appropriate countermeasures and risk mitigations are identified, prioritised and implemented through our cyber detection technologies and governance frameworks.
• Provide Cyber Security subject matter expertise across Castle internal stakeholders to ensure the confidentiality, integrity and availability of systems, data and information assets, while working closely with our information security partners to maintain an ahead of the curve approach to industry technologies and threats.
• Identify and remove impediments faced by the team by working collaboratively with stakeholders to proactively manage any risks, issues or delays.
• To deliver the InfoSec technology roadmap into the business, ensuring our regulatory obligations are met in line with industry best practice.
• To help shape and inform ongoing cyber security strategy in an ever-changing digital landscape.
• To manage and oversee an appropriate programme of vulnerability and patch management to maintain an informed understanding of our technical control measures.
• Define and review key security performance indicators that ensure service delivery and service improvements.
• Develop and create reports for management updates and escalations using key program performance metrics.
• Build, develop and maintain SOC policies, procedures and processes.
• Optimise tools and processes that prepare the SOC to respond to security threats of the future.
• Ensure information and security data is continuously collected, correlated and analysed to detect external and internal threats and vulnerabilities to our services.

WHAT HAPPENS WHEN YOU APPLY TO A ROLE AT N BROWN?

As soon as we receive your application, we’ll send you an email to let you know. We always aim to come back to you as soon as possible with an update and we really appreciate you taking the time to apply for a role with us. Good luck