IT Security Manager

Farsound Aviation Limited Romford a month ago

About the role

An exciting opportunity has arisen for an experienced IT Security Manager to join our global organisation offering excellence in supply chain solutions.

The main purpose of this role is to act as an interface between the Senior Management's strategic and process-based activities and the work of the IT Manager, and engineers in the IT organisation.

The successful candidate will be able to translate the IT risk requirements and constraints of the business into technical control requirements and specifications of ISO-2700X, as well as report on ongoing performance. The ISM coordinates the IT organisation's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports to management.

This exciting opportunity will see you develop, implement, and monitor a strategic and comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organisation.

About our company

At Farsound Aviation we provide bespoke supply chain solutions, tailored to meet the exact business needs of our customers. We specialise in the supply of C-Class, B-Class, and other fast-moving consumable parts to the aero-engine sector, focusing on Supply Chain Management right from the forecast requirement through to parts on the production line.

We have significant forecasting expertise in the unpredictable MRO sector, helping us consistently achieve 99.5% product availability for our customers.

Key deliverables:

  • Coordinate measure and report on the technical aspects of security management.
  • Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements. BT, O2, VIRGIN, DESCARTES within the Context of
  • IS027001 Confidentiality, Integrity, Availability.
  • Manage and coordinate operational components of incident management, including detection, response and reporting.
  • Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations.
  • Ensure Alignment of the monitoring systems.
  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
  • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and comply with policies and audit requirements.
  • Design, coordinate and oversee security-testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
  • Design, coordinate and oversee disaster recovery and the IT business continuity plan.

What we are looking for:

  • The successful candidates will have:
  • An understanding of operating system internals and network protocols.
  • Understanding of DNS and Secure DNS
  • Familiarity with the principles of cryptography and cryptanalysis.
  • Understanding of SSL and certificate security.
  • Experience in system technology security testing (vulnerability scanning and penetration testing).
  • Familiarity in application technology security testing (white box, black box and code review).
  • Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x

Hold two of the following :

  • Certified Information Systems Security Professional (CISSP) issued by ISC2
  • MCSE – Security issued by Microsoft
  • Sonic-wall Network Security Professional
  • Cisco Certified Security Professional
  • Vendor Specific e.g Sophos certified engineer.

In return we are offering

  • A competitive salary dependent on skills knowledge and experience
  • The role is predominantly office based with some flexibility to work remotely
  • Life assurance
  • Enhanced pension contribution
  • Cycle to work scheme
  • Employee Assistance Programme
  • Flexi-time
  • Wellness allowance scheme (up to £40 per month gym membership contribution)
  • Long service awards
  • Enhanced family friendly leave
  • Discretionary sick pay scheme
  • 25 days holiday (which also increases after 5 years)
  • Modern and spacious offices equipped with current IT systems and technology and a comfortable canteen area
  • On site parking

If you feel you have the right attributes and skill set and want to find out more about this role, please click apply today!

All our vacancies are handled by our internal recruitment team and therefore any unsolicited CV’s and/or Agency Terms of Business will not be accepted. For any recruitment enquiries please email [email protected]

Privacy Notice - Job Applicants

INTRODUCTION
This privacy notice tells you what to expect when we collect information from job applicants.

Vero HR Ltd is the data controller for the information you provide during the process unless otherwise stated.

What will we do with the information you provide to us?
All of the information you provide during the process will only be used for the purpose of progressing your application.

We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes
or store any of your information outside of the European Economic Area. The information you provide will be held securely by us
and/or our data processors whether the information is in electronic or physical format.

We will use the contact details you provide to us to contact you to progress your application. We will use the other information
you provide to assess your suitability for the role you have applied for.

What information do we ask for, and why?
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for, but it
might affect your application if you don’t. Our legal basis for processing this information is that it is necessary for us to be able to
enter into an employment contract with you.

APPLICATION STAGE
If you use our online application system, this will be collected by a data processor on our behalf (please see below).

We ask you for your personal details including name and contact details. We will also ask you about your previous experience,
education, referees and for answers to questions relevant to the role you have applied for. We may also access your public social
media profile(s). Our recruitment team will have access to all of this information held in the candidate management system and
our website.

SHORTLISTING STAGE
Our hiring managers shortlist applications for interview based on their suitability to the requirements of the role.

ASSESSMENTS STAGE
We might ask you to participate in assessment days; complete tests or occupational personality profile questionnaires; and/or to
attend an interview – or a combination of these. Information will be generated by you and by us. For example, you might complete
a written test, or we might take interview notes. This information is held by Vero HR Ltd.

USE OF DATA PROCESSORS
Data processors are third parties who provide elements of our recruitment service for us. We have contracts in place with our data
processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They
will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period
we instruct. Third party processors may include our recruitment agent, candidate management software and website developer
providers.

How long is the information retained for?
If you are appointed to the role, the information you provide during the application process will be retained by us as part of your
employee file for the duration of your employment plus six years following the end of your employment.

If you are unsuccessful at any stage of the process, the information you have provided until that point will be retained for twelve
months from the closure of the campaign.

Information generated throughout the assessment process, for example interview notes, will be retained by us for twelve months
following the closure of the campaign.

How do we make decisions about recruitment?
Final recruitment decisions are made by hiring managers and members of our recruitment team. All of the information gathered
during the application process is taken into account.

You are able to ask about decisions made about your application by speaking to your contact within our recruitment team.

YOUR RIGHTS
Under the General Data Protection Regulation, you have rights as an individual which you can exercise in relation to the
information we hold about you. These are:

  • The right to be informed about how we use your personal data and your rights – this is all set out in this privacy notice
  • The right to access data we hold on you – details can be found under “access to personal information” below
  • The right to ask us to rectify information which is incorrect
  • The right to ask us to erase information – although if we need to keep the information we may have to refuse your request
  • The right to ask us to stop using your information – although again if we need to continue then we may have to refuse your request

COMPLAINTS OR QUERIES
Vero HR tries to meet the highest standards when collecting and using personal information. For this reason, we take any
complaints we receive about this very seriously. We encourage people to bring it to our attention in the first instance if they think
that our collection or use of information is unfair, misleading or inappropriate.

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Vero HR
Ltd’s collection and use of personal information. However, we are happy to provide any additional information or explanation
needed. Any requests for this should be sent to the contact details provided below.

If you have contacted us and are unhappy with our response, and you want to make a complaint about the way we have processed
your personal information, you can contact the Information Commissioner’s Office – www.ico.org.uk/concerns.

ACCESS TO PERSONAL INFORMATION
Vero HR Ltd tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out
if we hold any personal information by making a ‘subject access request’. If we do hold information about you, we will:

  • Give you a description of it
  • Tell you why we are holding it
  • Tell you who it could be disclosed to
  • Let you have a copy of the information

To make a request for any personal information we may hold on you please email your request to the address provided below.
If we do hold information about you, you can ask us to correct any mistakes by, once again, emailing the address below.

HOW TO CONTACT US
If you want to request information under our privacy policy, in the first instance please email us at: [email protected]

March 2019 - Copyright verohr 2019. All rights reserved

UrmVFljCsp