Technical IT Security Advisory Manager
- Employer
- Burberry
- Location
- Leeds, United Kingdom
- Closing date
- 30 May 2023
View more
- Function
- Technology
- Level
- Manager
You need to sign in or create an account to save a job.
Job Details
INTRODUCTION
At Burberry, we believe creativity opens spaces. Our purpose is to unlock the power of imagination to push boundaries and open new possibilities for our people, our customers and our communities. This is the core belief that has guided Burberry since it was founded in 1856 and is central to how we operate as a company today.
We aim to provide an environment for creative minds from different backgrounds to thrive, bringing a wide range of skills and experiences to everything we do. As a purposeful, values-driven brand, we are committed to being a force for good in the world as well, creating the next generation of sustainable luxury for customers, driving industry change and championing our communities.
JOB PURPOSE
The IT Security Advisory function provides a key role within Burberry's Group Information Security Team to ensure that information security is appropriately integrated into all IT and business projects. The IT Security Advisory Manager will work closely with the Senior Manager and a team of Security Advisors to ensure that new projects and initiatives are assessed, and risk-based security advice is provided.
The ideal candidate will have strong experience of securely designing or performing comprehensive security assessments against new products and solutions, as well as communicating effectively with a range of technical and non-technical business stakeholders.
The team is based across our Leeds and London offices and travel to the office based on business need. We are happy to discuss a working pattern that works best for you in line with our flexible working practices.
RESPONSIBILITIES
· Advise in-flight IT and business projects to embed security requirements, manage risks and enable security by design.
· Perform security risk assessments against projects to determine control requirements and track and report on security requirements levied on projects/initiatives through to successful implementation.
· Develop security-related project artefacts/patterns to support consistent security input to projects.
· Perform controls validation to ensure that any initial requirements were implemented as expected.
· Liaise with project stakeholders as an information security subject matter expert throughout the project lifecycle, including representing the Information Security Advisory Team at stage gate meetings.
· Identify and document any residual risks and engage with the Information Security Risk team to ensure these are tracked and managed.
· Support the continuous optimisation of our methodology and approach to support the delivery of consistent security input to projects, services and solutions.
· Work collaboratively with the wider information aecurity function, enterprise architecture & project management teams to ensure a consistent approach to embedding security into projects.
PERSONAL PROFILE
Candidates should have experience in the following areas:
· Experience and knowledge of information security processes & technologies such as, networks, applications, mobile devices, cloud and web-related technologies (web applications, web services, service orientated architectures).
· Strong technical background, such as demonstrable security architecture experience.
· A strong understanding of information security best practices and recognised industry frameworks, threats, and latest technologies.
· Knowledge of waterfall and/or agile ways of working and practices.
· Experience with information security risk management.
Candidates must be able to demonstrate the following skills and experience:
· The ability to communicate effectively at all levels in an organisation
· The ability to translate highly technical information into a business context.
· Experience in handling competing priorities with productive and professional decision making.
· Capable of working in a team or unsupervised to the same level of quality.
· Strong verbal and written communication skills.
· Strong analytical, organisational and problem-solving capabilities.
The following skills and experience would be advantageous:
· Experience in determining security requirements for projects or products.
· Knowledge of penetration testing methods and approaches
· Experience in managing teams, including the coaching and development of team members, along with career and progress planning.
· Knowledge of Secure Software Development Lifecycle and broader application security considerations, especially related to ecommerce.
· Relevant security qualifications such as CISSP, CISM, ISO 27001 Lead Auditor.
· Experience with AWS and Azure security.
· Retail sector or commercial experience as an IT Security Consultant / Manager
FOOTER
Burberry is an Equal Opportunities Employer and as such, treats all applications equally and recruits purely on the basis of skills and experience.
Posting Notes: United Kingdom || Not Applicable || Leeds || IT || INFORMATION SECURITY || n/a ||
At Burberry, we believe creativity opens spaces. Our purpose is to unlock the power of imagination to push boundaries and open new possibilities for our people, our customers and our communities. This is the core belief that has guided Burberry since it was founded in 1856 and is central to how we operate as a company today.
We aim to provide an environment for creative minds from different backgrounds to thrive, bringing a wide range of skills and experiences to everything we do. As a purposeful, values-driven brand, we are committed to being a force for good in the world as well, creating the next generation of sustainable luxury for customers, driving industry change and championing our communities.
JOB PURPOSE
The IT Security Advisory function provides a key role within Burberry's Group Information Security Team to ensure that information security is appropriately integrated into all IT and business projects. The IT Security Advisory Manager will work closely with the Senior Manager and a team of Security Advisors to ensure that new projects and initiatives are assessed, and risk-based security advice is provided.
The ideal candidate will have strong experience of securely designing or performing comprehensive security assessments against new products and solutions, as well as communicating effectively with a range of technical and non-technical business stakeholders.
The team is based across our Leeds and London offices and travel to the office based on business need. We are happy to discuss a working pattern that works best for you in line with our flexible working practices.
RESPONSIBILITIES
· Advise in-flight IT and business projects to embed security requirements, manage risks and enable security by design.
· Perform security risk assessments against projects to determine control requirements and track and report on security requirements levied on projects/initiatives through to successful implementation.
· Develop security-related project artefacts/patterns to support consistent security input to projects.
· Perform controls validation to ensure that any initial requirements were implemented as expected.
· Liaise with project stakeholders as an information security subject matter expert throughout the project lifecycle, including representing the Information Security Advisory Team at stage gate meetings.
· Identify and document any residual risks and engage with the Information Security Risk team to ensure these are tracked and managed.
· Support the continuous optimisation of our methodology and approach to support the delivery of consistent security input to projects, services and solutions.
· Work collaboratively with the wider information aecurity function, enterprise architecture & project management teams to ensure a consistent approach to embedding security into projects.
PERSONAL PROFILE
Candidates should have experience in the following areas:
· Experience and knowledge of information security processes & technologies such as, networks, applications, mobile devices, cloud and web-related technologies (web applications, web services, service orientated architectures).
· Strong technical background, such as demonstrable security architecture experience.
· A strong understanding of information security best practices and recognised industry frameworks, threats, and latest technologies.
· Knowledge of waterfall and/or agile ways of working and practices.
· Experience with information security risk management.
Candidates must be able to demonstrate the following skills and experience:
· The ability to communicate effectively at all levels in an organisation
· The ability to translate highly technical information into a business context.
· Experience in handling competing priorities with productive and professional decision making.
· Capable of working in a team or unsupervised to the same level of quality.
· Strong verbal and written communication skills.
· Strong analytical, organisational and problem-solving capabilities.
The following skills and experience would be advantageous:
· Experience in determining security requirements for projects or products.
· Knowledge of penetration testing methods and approaches
· Experience in managing teams, including the coaching and development of team members, along with career and progress planning.
· Knowledge of Secure Software Development Lifecycle and broader application security considerations, especially related to ecommerce.
· Relevant security qualifications such as CISSP, CISM, ISO 27001 Lead Auditor.
· Experience with AWS and Azure security.
· Retail sector or commercial experience as an IT Security Consultant / Manager
FOOTER
Burberry is an Equal Opportunities Employer and as such, treats all applications equally and recruits purely on the basis of skills and experience.
Posting Notes: United Kingdom || Not Applicable || Leeds || IT || INFORMATION SECURITY || n/a ||
Company
Founded in 1856, Burberry today remains quintessentially British, with outerwear at its core. Digital luxury positioning and intensive focus on design innovation, quality and heritage icons of the trench coat, trademark check and Prorsum knight, ensure continued brand purity and relevance globally across genders and generations.
At Burberry, every individual, every team and every function, shares an incredible passion for the brand and is guided by a ‘brand-first’ mind-set. Decisions are evaluated through the lens of the long-term health and vitality of the Burberry brand.
Burberry believes that in order to be a great brand it must also be a great company. Inspired by three Core Values - Protect, Explore, Inspire - rooted in the brand’s heritage and continually informing its guiding principles, Burberry leverages its compassionate and creative thinking culture to continually innovate and drive the brand forward.
Find Us
- Location
-
Horseferry House
London
GB
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalised job recommendations straight to your inbox.
Create alert