Lead IT Security Manager

CFC Underwriting • Permanent • London, Greater London, England, United Kingdom • 1d ago

Lead IT Security Manager

As CFC’s IT Security Manager you will be part of the technology team, the engine room of the business, providing bespoke systems that give CFC its competitive advantage in this dynamic marketing place.

As the Security Manager, you will liaise with security incident response experts, working with our infrastructure and development teams to ensure that our systems are appropriately secure, compliant and resilient while keeping up to date with industry changes. . You will also be expected to continuously educate people across the business in security matters and threats.

About the role

As the Security Manager you will be accountable for setting standards , ensuring that all people across the business understand their own responsibilities in relation to IT security. You will have a clear understanding of how to navigate the inevitable tension between security concerns and business delivery drivers.

You will be responsible for the following:

Accountability for creating and maintaining standards and their implementation
Work with stakeholders and staff to nurture a culture where security is always in mind and seen as a critical part of everyone’s responsibility
Creation of training materials and assisting with the continual upskilling of the whole company in relation to security matters relevant to their roles
Provide day to day advice in security matters across the business
Carry out business impact analysis activities relating to new changes and capabilities
Working with our SOC to ensure that their incident detection models and alert response processes are kept appropriate and up to date
Coordinating with our MSSP for the scoping and execution of vulnerability scanning and penetration testing
Curation of security standards for development and infrastructure delivery and operations
Facilitate internal / external IT security audits.
Working with development teams during the design phase of architectural changes to ensure that security is considered
Running tabletop security exercises to test our response plans and capabilities
Satisfying security related compliance and due diligence requests from capacity providers and auditors
Scheduling and coordination of DR test exercises

About you

You will be someone that has an exposure to environment where infrastructure management is heavily automated. You will have experience in working with suppliers to negotiate and manage the service they provide. Insurance experience would be advantageous, but not essential. You will be someone that has experience with:

Defining and implementing IT security policies within a financial services organisation and with a demonstrable understanding of associated risk management
Knowledge of security in a cloud hosted environment, especially using cloud native technologies in Azure
Knowledge of secure development practices and relevant tooling
Experience training others in security matters at all levels
Great communication skills and the ability to influence others
Experience running security testing processes such as tabletop exercises, phishing campaigns etc.
Knowledge of security audit requirements in financial services organisations and a proven track record working with auditors on such matters

Core Values

Love what you do:

We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.

Challenge everything:

We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.

Have fun, be good:

Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.

About CFC

CFC is a specialist insurance provider, pioneering emerging risk and market leader in cyber. Our global insurance platform uses cutting-edge technology and data science to deliver smarter, faster underwriting and protect customers from today's most critical business risk.

Headquartered in London with offices in New York, Austin, Brussels and Brisbane, CFC has over 950 staff and is trusted by more than 100,000 businesses across 90 countries.

At CFC, insurance isn't just about underwriting. From data science to software development, and digital marketing design, we've got something for everyone. We're passionate about pushing boundaries, thinking differently and building the insurance company of the future.

CFC is committed to the principles of equal opportunities and creating an environment in which all individuals are always treated with dignity and respect. We encourage a diverse corporate culture of openness and appreciation to create an environment in which your talent can be developed in the best possible way. Should you require any reasonable adjustments at any stage of the recruitment process please let us know.