Cyber Security Manager

Location: Hybrid/Cheltenham

Salary: 60k

About the job

UCAS is the world’s leading shared admissions service for higher education. They provide application services for UK universities and colleges as well as delivering a wide range of research, consultancy and advisory services to schools, colleges, careers services, professional bodies and employers.

About The Role

UCAS is widely understood to be the equivalent of UK Critical National Infrastructure at certain points of the curriculum year. The Cyber Security Manager will support the Enterprise Security Lead to ensure an appropriate level of security assurance for Executive Members, Trustees and UK Government at all times.

This role will also provide expertise and support to the Enterprise Security Lead in achieving the strategic goals in UCAS for IT/Cyber security, helping to drive a level of excellence throughout the entire organisation that presents UCAS as ‘The Exemplar’ in cyber security across the education sector. The Cyber Security Manager will also assist in providing an integrated security service with strong links to all parts of the business including executive members.

Key accountabilities:

• Provide an internal security service, collaborating with various teams on security matters and responding to SAQ’s.
• Collaborate with the Enterprise Security Lead and other security team members in developing and maintaining both a strategy and Security maturity model that can be benchmarked with similar organisations.
• Lead/Support Cyber Security Initiatives/Projects
• Monitor security maturity across multiple cloud platforms, implementation of Security tools and services, providing management reporting which should include recommendations for improvements.
• Lead on Security Testing engagements and assist with the governance of findings, remedial works, re-testing where appropriate and the risk management process.
• Work closely with our primary outsource provider, including both onshore and offshore teams, assuring the operational security service they are contracted to provide.

Skills, Qualifications, And Experience

• One or more of the following qualifications: CompTia Security +, CISM, GIAC, CISSP, CISMP or SANS Certification.
• ITIL V3/V4 Foundation and above.
• Significant experience in a similar role, however lesser experience will still be considered for the right candidate.
• Working knowledge/understanding of the adherence to standards such as ISO27001, CIS-18, NIST CSF, OWASP, MITRE ATT@CK, GDPR etc.
• Good understanding of both the technical and operational aspects of IT systems and services, and security practices (SSDLC) embedded into agile development methodologies.
• A confident communicator, both verbal and written, comfortable engaging with internal customers at all levels, both technical and non-technical.

Package

• 30 days annual leave (plus 3 concessionary days over Christmas and your bank holidays!)
• Flexibility – UCAS positively supports Hybrid working for its employees, meaning you can work between home and the office in a way that suits you and the business and also has a comprehensive Flexible Working Policy
• A generous pension scheme
• Hundreds of high street discounts and offers with Perkbox
• Internal training and development
• Subsidised gym and café
• Be rewarded for going above and beyond with our ex-gratia bonus scheme and
• Celebrating U, our quarterly employee recognition scheme
• Dedicated volunteer employee networks promoting wellbeing, awareness and inclusion

Should you wish to discuss this role further, please contact Grace Tattersall.