IT Security Manager - London
- London, England, United Kingdom
- Permanent, Full time
- ABN AMRO Bank
- 19 Mar 19
Please note, this role is an approximately 9 month long assignment.

About the role

ABN AMRO Bank N.V., UK Branch are seeking an experienced IT Security Manager to ensure that information security for the UK business lines is maintained and developed in line with the ABN AMRO global information security policies and standards.

In addition the role holder will support the UK Risk Department by providing advice and input on 2nd line IT matters. As such the role holder will have a dotted line to the UK Head of Risk.

Department overview

This role sits in the TOPS (Technology, Operations & Property Services) department and reports to the CTO / COO. The mission of the TOPS department is to manage the technological, operational and property services of the Company, in particular ABN AMRO Bank., UK Branch, in collaboration with the local business lines and support functions.

Objective of the Function

The primary role of the function is to act as the Local Information Security Officer and IT Security Manager responsible for the implementation of the ABN AMRO Information security policies and processes. The successful candidate will be responsible for the implementation of best practices and act as a focal point for security issues for the business lines of the bank operating in the UK. The purpose of the job is to analyse and audit system configuration and maintain policies and procedures in order to mitigate information security risks. This includes assessing technical security risks and identifying potential security weaknesses, definition and implementation of security controls and ensuring conformance with ABN AMRO global information security policies and standards.

Core Activities
- Maintaining and assisting with development of the local Information Security Policy and supporting set of policies, ensuring appropriate authorisation, commitment and endorsement from senior IT and business management
- Working closely with other Business Line and Central Security functions and personnel
- Promoting education and awareness of security at all levels of the UK business
- Developing and documenting procedures for operating and maintaining security
- Assisting with business impact analyses, performing security risk analysis and risk
- Monitoring and managing all security breaches and handling security incidents, taking remedial action to prevent recurrence wherever possible
- Participating in security reviews arising from security breaches and instigating remedial actions
- Reporting, analysing and reducing the impact and volumes of all security incidents in conjunction with Problem Management
- Ensuring that the confidentiality, integrity and availability of the services are maintained at the levels agreed in the SLAs and that they conform to all relevant statutory requirements
- Performing security tests
- Monitoring and maintaining internal access control procedures
- Process improvement and reporting
- Reviewing and investigating Event Monitoring report
- Working with IT line managers at all levels to ensure they are enacting their specific security responsibilities.
- Ensuring current patch levels and virus protection levels are at the correct levels
- Monitoring and reporting internet and external e-mail access and usage
- Monitoring and managing the IT Risk management processes (AMA based)
- Monitoring and managing IT policies and procedures
- Providing advice and guidance on IT matters to 2nd line Risk staff
- Monitoring and reviewing IT aspects of the annual IT Control Assessment
- CISSP certificate or similar IS professional qualification
- Cobit / ITIL qualifications preferred
- Information Security best practice ISO 27001/2
- 10+ years' experience working in IT
- 3+ years' experience working within an information or technology security role
- Knowledge of AMA (Advanced Measurement Approach) risk management and measurement (preferable)
- Excellent analytical and communications skills (verbal/written).
- Strong inter-personal skills.
- Experience of working with IT Security baselines ISO/IEC 27000 or higher
- Experience of CoBiT and ITIL control frameworks
- Experience of working in a regulated and/or financial industry
- Ability to work independently and in a team environment.
- Deadline oriented individual with proven excellent customer service skills.
- Ability to focus on minute details to ensure product quality.
- Demonstrates a strong personal commitment to customer needs and corporate objectives.