Security Manager

Security Manager required to join hugely successful IT services organisation in Derby.

We are looking for a Security Manager with significant public sector/local government experience to join one of the UK's fastest growing IT organisations.

The Security Manager should have as many of the following skills as possible:

* Microsoft ISA server
* Citrix Access Gateway
* Government Connect Mail and Exchange
* Government authentication schemes ¡V N3 and Contact Point smartcards
* Websense content security (Anti-virus and internet content)
* Active directory based authentication services
* Nokia, PIX and Cisco Firewalls
* Intrusion Detection software
* McAfee Antivirus
* Apache SQUID
* Mobile device encryption ¡V Pointsec/BeCrypt
* Risk analysis and management methodologies
* BS ISO/IEC 27001

The Security Manager will hold the following responsibilities and duties:

+ Configure and manage all existing firewalls, maintain firewall rule base and apply security patches as required in a timely manner to maintain security architecture.
+ Also maintain and update approved changes to including but not limited to domain names, address ranges, URLs, network, users and user groups.
+ Ensure all firewall rules are documented and have a full explanation for their existence.
+ Manage, maintain and support the anti-virus software to ensure that any files distributed across the networks including e-mail attachments, are scanned before use and prior to distribution.
+ Ensure that all PCs connected to the network are covered by the anti-virus software and ensure that all devices are automatically receiving updates.
+ Ensure that the anti-virus software is updated automatically as required to maintain anti virus protection on a daily basis or more frequently if necessary but ensuring an impact assessment has been carried out to mitigate possible detrimental effects on known problem areas.
+ Ensure that all email messages are scanned for viruses as soon as they enter the infrastructure (inbound and outbound) and operate a quarantine of infected emails.
+ Ensure the operations meet the Government Connect code of connect requirements.
+ Provide a monthly report on security activities and incidents as part of service management reporting.
+ Be responsible for managing and maintaining perimeter defences, including firewalls and intrusion detection services.
+ Be responsible for managing and maintaining perimeter access services, including AAA services, VPN access servers (both Microsoft ISA servers and Citrix Access Gateway) and remediation servers (Microsoft NAS / NAC quarantine services).
+ Be responsible for managing and maintaining perimeter content delivery services including reverse proxy and publishing services such as Microsoft ISA Server and Apache SQUID.
+ Be responsible for managing and maintaining secure domain and server isolation domains (using NAC / NAP and certificate services) within the network for secure services such as Government Connect Mail (GCmail) and GCExchange
+ Implementation and management of an account level information security risk assessment regime.
+ Implementation and management of an account level information security audit program.
+ Providing assurance that existing, revised and new procedures, plus work instructions are ISO 27001 and Data Protection Act (DPA) compliant.
+ Ensure effective incident reporting, management and investigation process are in place.
+ Provide specialist advice and guidance to staff on information security, DPA and Freedom of Information Legislation.
+ Ensure protective monitoring and auditing of ICT systems and processes.
+ Promote and deliver security training and awareness.
+ Promote policy, best practice and drive compliance.
+ Compile relevant reports, returns and statistics relating to information security.
+ Providing a comprehensive security management report on a monthly basis or as required.

This is a fantastic opportunity to join an organisation willing to invest in people's futures and will provide a varied and technically challenging role for candidates looking to enhance their technical skillset. If this sounds of interest then send in your CV NOW!!

Abraxas plc is a leading specialist recruitment agency for the IT industry. Abraxas is also one of the founding members of The Association of Professional Staffing Companies (APSCo). Due to the high level of applications we receive, please be aware that you may not hear from us immediately, as we can only respond to those applicants whose skills and qualifications are suitable for this position. If you would like Abraxas to help you find a similar position, or for a complete listing of all our current vacancies, please visit our website at www.abraxas.com and register your details. Please note that no terminology in this advert is intended to discriminate on the grounds of age, and we confirm that we will gladly accept applications from persons of any age for this role.