Service Security Manager

Job Description

Service Security Manager 

Are you a Cyber Security Manager looking for a new challenge? 

Do you have a strong background of security operations and leading a SOC team, as well as excellent Azure cloud security experience? 

Would you be interested in helping with the running of crucial platforms that help the government keep Livestock safe and healthy? 

If so, we’d love to hear from you! 

At Livestock Information Ltd, our mission is to be an outstanding service provider of livestock data, empowering government, industry, and farmers to effectively manage disease and infection control, whilst enhancing productivity and innovation in agriculture. To achieve this, we need great people, who share in our values. 

We are now looking for a Service Security Manager to join our team on a 100% remote basis. As the Service Security Manager at Livestock Information Ltd., your role is pivotal in safeguarding our  digital assets. Leveraging deep expertise in Microsoft Azure and secure development lifecycles, you're always ahead of emerging threats. Your responsibilities include advising senior leadership on integrating cutting-edge security practices into strategic operations and ensuring our security framework aligns with business objectives. This is a hands-on position, involving the refinement of our ISO27001:2022 security management system and leading our Cyber Security Operations Centre.  

Operational discussions on cyber risks, mitigation strategies, and collaboration with third parties fill your schedule. You champion a strong security culture across the organisation, emphasising the importance of awareness and preparedness. Your focus on continuous improvement involves reviewing security incidents to prevent future breaches and ensuring our recovery plans are robust. This role blends technical skill, strategic foresight, and leadership to safeguard our company's future.  

Responsibilities 

This is hands-on where you will be responsible for implementing a range of technical, administrative and physical security controls and driving a programme of continuous improvement in response to changing security threat and risk landscape.   

The role requires a thorough understanding of Microsoft Azure technologies and secure development lifecycle, as well as a broad, up-to-date knowledge of information security frameworks. As well as pertinent regulation and legislation, vulnerability management, incident management and  response, secure development techniques and approaches, management and governance of information security risks and managing LI Security Operations Centre.    

Having performed a similar role, you will have a strong information security and cyber security background along with formal qualifications. You will have established and led a new and progressive information security function, developing innovative, future focused information and cyber security capability in support of business objectives. You will be a strategic and lateral thinker with exceptional leadership credentials and a sophisticated approach to stakeholder and supplier management.  

• Operate and maintain a business-aligned information security strategy and operating model.   

• Operate, improve and monitor an ISO27001:2022 information security management system including policies, standards, principles and controls including management practices and technical security measures.    

• Provide advice and direction to the organisation’s development teams, in the integration of security practices into Secure Development Lifecycle processes.   

• Report to organisations senior leadership team on information and cyber risks, mitigation strategies, compensating controls, cost benefit analysis and emergent threats.   

• Ensure that information security risks to the organisation which are presented through suppliers, and delivery partners are identified and managed appropriately.   

• Ensure Information Security is managed effectively throughout the IT service delivery lifecycle (including Security Operations, Security Architecture and Security Assurance).   

• Third party management with third party application development partners  

• Run, operate and report on LI internal Cyber Security Operations Centre (CSOC), SIEM, threat hunting, vulnerability management and Cyber Threat Intelligence.   

• Support the organisations Service Continuity Plans and Disaster Recovery Plans.   

• Drive development and delivery of measures and metrics to support the assessment, reporting and ongoing improvement of the information security posture.   

• Work closely with internal stakeholders and business units to keep abreast of planned changes to technologies, working practices, and business activities that could have an impact on the organisation’s information security or risk profile.   

• Ensure and promote an appropriate level of information security culture and awareness across the organisation.    

• Drive investigations into information security breaches and pursue associated disciplinary and legal matters, liaising with the Data Protection Officer on data protection legislation ensuring root-causes of such breaches are understood and addressed.   

• Maintain and develop the organisations Information Asset Register in collaboration with Information Asset Owners, coordinators and other stakeholders across the organisation.  

Essential Requirements 

• Substantial experience at engaging, influencing and managing stakeholders across departmental and organisational boundaries up to and including director level.    
• Track record of senior management in a complex IT organisation encompassing service delivery, application development and cloud infrastructure and PaaS services, SIEM and CSOC.   
• Experience of Microsoft Cloud Adoption Framework, Zero Trust Architecture, and Microsoft Cybersecurity Reference Architectures.   
• Good understanding of current and emerging threats and countermeasures and the organisational challenges to addressing these threats.   
• Proven experience with hands on practical experience in the designing, building, testing and delivery of transformational security improvements across an organisation.   
• An excellent understanding of best practice within Information Security and risk management including standards such as NIST, CIS, Cyber Essentials, ISO/IEC 27001, ISO 27005, ISO31000.    
• Experience of Business Continuity Management, Disaster Recovery Management and Service Continuity Management.   
• Experience of operating within a Cyber Essentials Plus environment, ideally with experience of the gaining of this accreditation.   
• Experience of operating in a service management framework or standard such as ITIL V4 or ISO20000.    
• An excellent understanding of legislation and regulations that impact information Security e.g. UK Data Protection Act and GDPR. Government Cyber Security Strategy and GovAssure. 

Benefits 

The salary for this role is £50,000-£60,000

As an LI employee, you will be entitled to our company benefits which include: 

• Remote-first working set up 

• 33 days annual leave, inclusive of Bank Holidays 

• 4 x annual salary Life Assurance 

• Market leading pension through Legal & General 

• Enhanced Parental leave  

• Excellent learning, training and, career development opportunities and funding 

• 24/7 access to our Employee Assistance Programme 

• An inclusive culture where everyone is respected and valued 

Application and Interview Process 

To apply for this role you will need to submit a CV and answer some pre-screening questions. 

The interview and assessment process for this role will involve a telephone interview with our Talent Team, followed by a first stage and a final stage interview. All interviews will be conducted fully remotely via MS Teams. 

If we need to make a reasonable adjustment so that you can complete your application, please contact us as soon as possible by emailing talent@livestockinformation.org.uk before the closing date to discuss your needs. 

Apply before 4:00pm on 11th April 2024. Any applications submitted after the cut off will not be considered. 

Diversity statement 

At Livestock Information, we value diversity and believe that every individual brings different strengths. We understand that not everyone may possess every single skill outlined in this job description, but if you believe you have a solid skill set that enables you to excel in this position then we really encourage you to apply. 

Disclaimer 

Livestock Information Ltd. cannot sponsor work visas at this time. 

Livestock Information Ltd. Does not discriminate based on race, sex, colour, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits. 

Livestock Information Ltd. Does not accept unsolicited CVs from any source other than directly from a candidate. Any unsolicited CV’s not originating directly from a candidate and sent to Livestock Information Ltd or any Livestock Information Ltd employees, including unsolicited CVs sent to a Livestock Information Ltd mailing address or email address, are rejected. Livestock Information Ltd will NOT pay a fee for any placement resulting from the receipt of an unsolicited CV. Livestock Information Ltd considers any candidate for whom the recruiter has submitted an unsolicited CV referred by the company free of any fees.