Senior Manager, IT Security Engineering - London, United Kingdom - FashionJobs

FashionJobs

Verified Company

London, United Kingdom

1 week ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

INTRODUCTION At Burberry, we believe creativity opens spaces.

Our purpose is to unlock the power of imagination to push boundaries and open new possibilities for our people, our customers and our communities.

This is the core belief that has guided Burberrysince it was founded in 1856 and is central to how we operate as a company today.

We aim to provide an environment for creative minds from different backgrounds to thrive, bringing a wide range of skills and experiences to everything we do. As a purposeful,valuesdriven brand, we are committed to being a force for good in the world as well, creating the next generation of sustainable luxury for customers, driving industry change and championing our communities. JOB PURPOSE The Burberry Security Operations teamis globally responsible for security monitoring, incident response, engineering, threat and vulnerability management and identity and access management. The IT Security Engineering Manager, reporting to Director
Information Security Operations, is responsiblefor the operation, management and continuous improvement of the Security Engineering Service.

RESPONSIBILITIES The IT Security Engineering Manager will be responsible for:

Manage the IT Security Operations Security Engineering service
Oversightof strategic security solutions
Management of the following security solutions / services: Tanium, McAfee, ZScaler, Fortinet, Akamai, Splunk, DLP. Some managed inhouse and some through a third party service.
Working closely with IT architectureand other IT teams to define and manage technical security configuration standards for a range of inscope technologies, including network perimeter, distributed operating systems and endpoint security technologies
Work with vendors and IT teams to ensurethat defined configurations are appropriately implemented
Development of reporting and other security logic to support security, IT and business requirements
Support the identification of security threats
Drive continuous improvement initiativesas required to address changing threats
Continuously update perimeter security rule set and implement BAU service / controls to ensure that rules remain effective
Providing regular service reporting against a set of defined key performance andrisk indicators
Providing operational input and feedback to relevant Information and IT Security teams
Identifying, assessing and addressing key cyber security risk scenarios through provision of services
Managing relationships and oversightof security services delivered by relevant third parties
Key member of the Information Security Incident Management Team, responsible for the management of high priority security incidentsPERSONAL PROFILE
Demonstrate experience of managing andmaintaining Security tools within global environment
Passionate about service / security keeps up to date on the latest news and trends
IT Security Professional with experience across a broad set of security domains
At least 5 year's experienceworking in a technical role
Demonstrable ability to distil complex, often technical, security issues into a management set of options and / or recommendation
Approaches tasks and problems in an organised, methodical manner
Ability to quicklyunderstand complex technical concepts and architectures Mandatory:
Creation and implementation of detailed security standards and / or build guides
Firewall administration / firewall rule management
Endpoint security solution administration/ management
PKI administration / management
Demonstrate in depth knowledge and experience of the following operating systems: Windows Server, Unix/Linux, Windows Desktop, MacOSX
Demonstrate in depth knowledge and experience in at least twoof the following platforms: AWS, Azure, SAP HANA, Microsoft 36
Demonstrate in depth knowledge of at least two of the following: Fortinet NGFW, zScaler, SkyBox
Demonstrate in depth knowledge of at least two of the following: Splunk, Tanium, McAfeeePO
Experience in building complex security detection and reporting logic
Demonstrate ability to formulate formal configuration and build documentation
Security solution design
Multiple scripting languages, e.g., PowerShell, Python,PHP, etc.
Excellent analytical and problemsolving capabilities Desirable:
Relevant academic or industry qualifications such as CEH, CISSP, CISM, CISA
Experience with Splunk
Ability and experience in managing security incidents