Security Engineering Manager
Posted on Apr 12, 2022 by Arrows Group
Security Engineering Manager- you can work from Amsterdam, London or Barcelona
For this role we're looking for a pragmatic & hands on security leader with responsibilities across the Group of operating companies in the UK, Netherlands, Norway, France, Spain & Germany.
You will be responsible for the definition and delivery of our overall Security strategy across three core pillars of Security Operations; Governance/Risk/Compliance and Product & Platform Security. You'll be passionate about improving security processes, standards and operations across the business. You will lead multiple initiatives to ensure that the group achieves objectives for security assurance and security compliance, while leading a small direct team and influencing executives and key stakeholders.
Key Areas of Responsibility:
* Define and implement an overall Information Security Strategy, Budget and Vision
* Implement appropriate security governance & controls for technology & business initiatives
* Brief key stakeholders on operational risks and/or compliance issues
* Establish, monitor and enforce information security standards
* Mentor the professional development of direct and indirect reports, helping them build and execute personal development plans that map to our organisation goals
* Lead or support ongoing security & compliance initiatives, including PCI and GDPR.
* Proactively engage with product & software engineering teams to ensure that security requirements are identified and prioritised throughout the software development life cycle.
* Build employee security engagement, education and awareness through formal and informal initiatives.
* Performing Third Party risk assessments
*You'll have experience leading a security function in a large consumer focussed business
*You'll enjoy building relationships with key stakeholders and be an inspiring leader and mentor able to attract and retain outstanding information security talent.
More specifically your background & experience will include:
*You will have experience with products & services hosted in public cloud platforms such as AWS
*You'll know secure coding standards, ethical hacking techniques, SIEM and risk analysis
*Implementation of tools & processes to enable a Secure Software Development Lifecycle
*Knowledge of PCI & GDPR and the business and technology changes required to achieve & maintain compliance
*Experience of security incident detection & response
*Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
*You'll be comfortable explaining security threats and risks to a broad audience and the appropriate mitigation techniques and strategies
*Being a supportive leader for your team, balancing multiple priorities and initiatives whilst keeping the team organised and focused on achieving their goals
*The practical application of soft skills required to engage and influence at senior levels within an organisation and to motivate, inspire and develop team members