Job Description
The Security, Operations and Compliance manager plays a pivotal and critical role in the team. The successful candidate will be responsible for three inter-dependent teams which underpin all other work. The Security, Operations and Compliance Manager will lead three energetic teams setting direction for each team, thus influencing the stability and reputation of our solutions. They will work closely with leaders and managers across the wider organization to ensure alignment and in a North South direction, striving to achieve a best-in-class environment and solution.
Key Responsibilities
1. To lead diverse teams to strive for excellence
2. To achieve and maintain required certifications such as ISO 9001, 27001 and GAMP
3. Improve the security of our products and infrastructure
4. To improve the automation of security checks and controls
5. To be the point of contact for security and compliance related queries
6. To maintain alignment with TT policies and procedures
7. To foster and maintain working relationships with key stakeholders in TT
8. To perform vulnerability management
9. To ensure key plans are reviewed and robustly tested e.g. DR and Incident Management Plans
10. To constantly review and refine processes to drive improvements
11. To ensure that one is informed and up to date with latest best practices and security issues.
Qualification:
12. Should have 5+ years in an IT managerial role with security and compliance focus
13. Must have experience in delivering and maintaining certifications e.g. ISO 9001 and 27001
14. Must have familiarity with audit processes and standards such as GDPR, GAMP, ISO 9001, NIST and ISO 27001
15. Must have excellent communication skills
16. Must have excellent presentation skills being able to present to both end users and Enterprise Leaders
17. Be able to work as part of a multi-discipline team to achieve common outcomes
18. Display leadership, planning and co-ordination skills
19. Must have experience working with security tools such as SAST and DAST scanners
20. Must have experience in areas such as Vulnerability, DR and Incident Management
21. Must have experience with a variety of technologies e.g. cloud hosting platforms, CI/CD automation, security test tools and collaboration tools