Supervisor (Regulatory) - London, United Kingdom - City of London

    Description

    Reports to the Manager and is responsible, through management and supervision, for ensuring adherence to the strategic and tactical direction for IT Security throughout the corporate network, including Boards, Commissions and Agencies supported on the corporate network.

    Operate, configure and administer information security technology platforms including XDR, SIEM, SOAR, CASB, DLP, PKI, PAM and Identity Management.

    Design, implement, and manage DLP/CASB solutions and collaborate with other ITS teams to build policies around data movement within on-premises and cloud environments.

    Monitors processes for Identity and Access Management including the creation, modification, access privileges and deletion of user accounts.

    Directs and ensures the development and implementation of security controls and practices including Internet, Intranet, Extranet, network, application, remote access, and wireless technologies.

    Responsible for ensuring the use and application of End Point security tools, Internet filtering and Data Loss Prevention tools, Event and log management tools and Privileged Account Management tools.

    Responsible for incident response documentation and other policy/governance documentation.

    Involved in the management, implementation, maintenance and support of Public Key Infrastructure (PKI) and Strong Authentication solutions and strategy.

    Maintains quality service by establishing and enforcing organization standards.
    Responsible for coordinating and enforcing systems, policies and procedures.
    Provides information, orientation, training, instruction and supervision as required to assist employees in performing their work functions.

    Monitors compliance of systems and networks with regulatory organizations such as the Payment Card Industry to ensure the Corporation is compliant.

    Audits permissions and access rights to ensure compliance with policy.

    Responsible for the development of all policies, strategies, procedures and standards related to Information Security to ensure compliance with industry standard practices and a Corporate wide approach to security.

    Responsible for Information Security standards being adhered to and recommends corrective actions as required.
    Performs and recommends Risk Assessments for all major updates/upgrades of systems and applications.

    Manages and ensures vulnerability and risk assessments of corporate assets and analyzes activity logs of the various systems as part of preventive measures.

    Conducts risk analysis and evaluation for the overall information security strategy.
    Manages and/or participates in projects in various roles and responsibilities.
    Conducts performance management reviews of project resources.
    Conducts and/or assists in the performance management and evaluation of employees.

    Conducts investigations (including MFIPPA, employment, corporate policies, etc.).

    Performs penetration testing of hosted services and recommends the acquisition of such services based on security testing.

    Responsible for training and awareness programs and materials to educate staff on information security.

    University Degree in Computer Science or three-year Post-Secondary Business Information Systems Diploma, or equivalent.
    A minimum of 5 years' experience in Information Security.

    Detailed knowledge of Information Security, including Intrusion Protection Systems, Anti-Virus, Anti-Spam, Identity Management, Threat Management, Public Key Infrastructure, Access Control and Authentication is required.

    CISA or CISSP is an asset. ITIL Foundation – an asset.

    Standard hours of Work:
    Monday – Friday from 8:30a.m. Hybrid