A prestigious university located in Central London is seeking a Cyber Security Compliance and Training Manager to be part of their team on a permanent basis with Hybrid working.
ABOUT THE ORGANISATION
The University stands as Europe’s largest specialised institution dedicated to art and design education. Its distinctive creative community comprises six prestigious Colleges, each boasting its own world-class reputation. The university offers a wide array of courses in art, design, fashion, communication, and performing arts, serving as a vital talent pipeline for the UK’s creative industries.
With a vibrant and diverse community of over 21,000 students representing 129 countries, the university has a proven track record of launching and advancing careers. Its graduates can be found in various roles across the creative and cultural sectors, from leaders of global enterprises to independent practitioners, often making significant appearances on prestigious award shortlists, such as the Turner Prize and the Oscars.
Leveraging the university's rich heritage and connections with influential figures in the arts, both students and staff are motivated to challenge norms, foster new concepts, and cultivate talent. For more than a century, the university's colleges have been home to award-winning faculty and students, leading the way in learning, creativity, and specialised practice. This intimate College structure provides valuable opportunities for learning and exploration for individuals at every stage of their creative development.
ABOUT THE ROLE
The Information Security team is uniquely placed to advise, support, and defend the University against security threats targeting our staff, students, and our research work. The team aims to protect and educate staff and students and ensure that security by design is implemented within all applicable laws and regulations.
As a Cyber Security Compliance & Training Manager, you will be responsible for ensuring the confidentiality, integrity and availability of the organisation’s sensitive information. You will design, implement and maintain information security policies, procedures and controls that align with industry standards and regulations; you will also monitor compliance with security and privacy laws, regulations, and standards and assess risks associated with new technology and business initiatives. You may also manage incident response processes and investigations and work with auditors and regulators to ensure compliance.
You will be responsible for designing, implementing and overseeing the organisation’s security training and awareness program, ensuring staff understand and follow security policies, procedures and best practices. You will also assess the security training program’s effectiveness, make recommendations for improvement, and ensure the training program aligns with the university's overall security strategy.
Managing the delivery of IT and Information Security policies, processes and standards within a large complex environment; translating business, regulatory, and legal requirements into Information Security developments and improvements
Knowledge of current information and cyber security issues and opportunities, including an understanding of security frameworks: GDPR, PCI-DSS, Cyber Essentials
Knowledge and experience creating, developing, and maintaining Information Security strategies and roadmaps; producing Cyber Security guidance documentation and training
Experience establishing credibility with, and managing expectations for, both internal and external stakeholders at all levels of an organisation; leading external audits
Knowledge and experience ensuring effective training and awareness programs are in place and their effectiveness measured through internal audit and other mechanisms
Knowledge and experience in planning and conducting internal audits in relation to quality, information security and data protection, producing clear and actionable findings and supporting business teams to implement these actions
Ability to plan and generate training and development opportunities to meet team members' current and future learning needs, evaluating outcomes and putting learning into practice
Knowledge and experience with anomaly detection, O365, Azure, MS Intune, Identity Management, VMware, Tanium, Breach & Attack Simulation
Knowledge and experience with review and analysis of firewalls, management of Cisco Umbrella, Cisco DNA, Cisco Stealthwatch, network traffic analysis, vulnerability management and scanning, attack methods and infection vectors, risk assessments, and penetration testing
34 days annual leave plus public holidays
Generous pension scheme
Family-friendly policies, including 26 weeks of full maternity or paternity pay
A healthy work-life balance for all employees, and much more!
Salary is up to £75k per annum depending on skills and experience.