IT Security Manager

Full Job Description

NQC is a successful and growing software company specialising in supply chain risk management platforms. We’re in the ‘Tech for Good’ space, providing online web platforms which are in use by some of the largest organisations across a number of industries including the UK Government and the Automotive industry.

Based in central Manchester, NQC offers a supportive working atmosphere within a diverse team of people. We work on a hybrid model and regularly meet up outside of the office for team socials and company events. This is an opportunity to contribute to globally recognised technology solutions used by major brands throughout the world and become part of an exciting long term plan for sustainability, and a better future.

About your new role

As part of our growth journey, we are looking for an experienced IT Security Manager to manage our IT Administration team and take lead on NQC's security practices and policies. The successful candidate will manage a small team of two infrastructure engineers and work closely with other teams to ensure the security of our software products and infrastructure.

As an IT Security Manager you will be required to undertake the following responsibilities as part of your day to day activities:

• Design, implement and monitor Information Security and Cyber security policies and processes
• Developing, leading and managing the end-to-end planning, communication, training, delivery, assessment and continuous improvement of a consistent business risk-based Information Security and Cyber Security approach, that aligns to and supports wider business and customer requirements
• Developing, managing and delivering Information Security projects from initiation to implementation with a continuous improvement and collaboration focus
• Leading and delivering operational Governance, Info Sec & Cyber Security aligned to industry Security practices and standards, contingency planning and incident response across the company, minimising incidents and adverse events, enabling safe, secure and compliant IT and business operations, compliant to ISO27001, Cyber Essentials and TISAX standards
• Building, managing and monitoring activity and routine reports, raising awareness and adherence across the IT directorate and wider business
• Representation on Customer Information Security groups
• Managing third party web application PEN testing suppliers
• Maintain, analyse, and monitor cybersecurity threats
• Conducting security and data protection assessments with internal business units and external third parties to ensure ongoing security and data protection requirements are met
• Attending client calls as required for security assurance purposes or other related areas
• Working with our commercial teams to complete Security and Data Protection assessments in a timely manner
• Managing security incident response and continuous monitoring of effectiveness of the mitigation actions and outcomes
• Providing regular reports and updates to the Board of Directors

• Strong working knowledge of data privacy laws, information security and industry best practices and how they might impact a software business like ours
• Ability to prioritise tasks, problem solve, work under pressure, and be a business partner to the company, ensuring that we balance our compliance and security goals against commercial needs, giving consultative information advice and guidance as necessary
• Project management and presentation skills are key
• Strong eye for detail and documentation
• Strong communication and collaboration skills
• Ability to identify incident trends to elevate as required
• Experience of conducting information audits

Key Competencies

• Is consistently motivated, committed and able to perform duties in all situations.
• Persuades, influences and listens to others, using reason and co-operation to reach agreement.
• Communicates and receives ideas, views and information to achieve understanding.
• Gathers information from a range of sources. Analyses information to identify problems and issues and
• Makes effective decisions.
• Plans and supervises activities and resources to maximise performance.

• Competitive salary dependent on experience
• 25 days holiday (Increasing with service)
• Flexible hybrid working policy
• Health Cash Plan
• Private Company pension scheme
• 24/7 Access to a Virtual GP
• Life Assurance (4 x Salary after probation period)
• Regular company socials and events
• Perkbox - Diamond access - giving you access to treats, discounts on retail and leisure
• Employee Assistance Programme (mental health and stress support, counselling sessions)