Legal IT Jobs

IT Security Manager – 6 Month Contract – Clifford Chance (London)

Job Details

The IT Security Manager will primarily be responsible for the successful day-to-day operation, management and delivery of the global IT Security Service, focusing on both Cyber Security and IT Security management.

Working alongside the IT Risk Manager and the IT Operations teams, the IT Security Manager will be responsible for the running of a global federated team, which is responsible for the operation and engineering of services, including:

Technical Security policy management.

Security incident & event management.

Web proxy solution & internet connectivity.

Perimeter security (firewall) & remote access (VPN) solution

Intruder & malware detection.

Data security & encryption procedures.

Forensic investigation.

IT Security Business continuity planning.
In addition, the IT Security Manager will also be responsible for all aspects of the day-to-day management of the Security Team, which will include, resource planning, performance management, capacity planning, budget management and vendor contract management.

The IT security manager will also be expected to perform a significant internal consulting role, providing security advice and design services to other teams within the organisation. This will include performing global network and perimeter security impact assessment for new applications/technologies, deployment assistance for global solutions, and co-ordination of global security issues across all of the firm’s regional offices.

In-line with Firm’s standard operating model, all IT Security related services will need to be delivered against a backdrop of ITIL and the firm’s own IT Service Delivery Framework.

This role is key to supporting and delivering the firm’s strategic IT vision for 2014 – and as such – the IT Security Manager will be expected to support and drive many Security and Risk related changes into the firm’s IT organisation globally.

Key Responsibilities

Working closely with the firm’s IT Risk, Infrastructure, Architecture, TDA and Service Management groups, in the design, implementation and support of new and existing systems, from a security perspective. This can range from participating in design and engineering work, up to undertaking the overall management of Infrastructure changes.

Driving day-to-day management, control, and support of IT Security related services, ensuring that these operate reliably and securely on a 24×7 basis. A substantial portion of the role will require technical hands-on configuration, build, troubleshooting, and overall management.

With support from IT Service Delivery Manager, reviewing and managing an outsourced security service. In many cases, this will involve creating, measuring and managing to Operational (and Service) Level Agreements, across internal and external teams.

The IT Security Manager will be expected to lead the IT security team in following activities:

Ensure a reliable, secure, and efficient internet service through service monitoring and resilient design.

Ensure reliable remote access services and VPN connectivity through design, deployment and operational support.

Ensure global trusted and untrusted network architecture is correctly aligned with security objectives through close liaison with IT Risk and Network teams.

Monitor, maintain and manage – to a high standard – existing firewall architectures, security incident and event management, intrusion prevention & malware detection systems.

Maintain active research and analysis into new and evolving technologies and potential security threats.

Regularly apprise the global IT Infrastructure and IT Risk managers of new developments, through standard and ad-hoc reporting.

Conduct regular health check and security service reviews with vendors, and identify/address any security issues in a timely fashion.

Translate broad security policy statements into practical security solutions.

Develop security based solutions to address any current and future business requirements, produce the relevant technical security design documentation, and be able to communicate these solutions to colleagues as required.

Provide support to the IT Risk Manager on ISO27001 processes – including assistance in identifying and mitigating technical security risks, monitoring the effectiveness of controls, and participation in Security Forum meetings.

Pro-actively identify and resolve technical security issues, e.g. through vulnerability scanning and interrogation of available tools/logs.

Provide support for periodic activities such as penetration testing, internal & external audits, and client security assessments.

Regularly monitor, review, and maintain IT Security standards.

Manage and execute security related changes globally.
The position holds team responsibility for 5 FTE all based in London.

Skills and Qualifications

The candidate must be able to demonstrate proven experience within the IT Security industry.

The following skills are essential :

Firewalls – Checkpoint, Nokia

Intrusion detection/prevention systems – Snort / Smart Defence

Checkpoint certification – CCSA or CCSE

A complete understanding of Linux

An understanding of Squid

Creation of technical architecture documents focusing on security deployment and management

Security policy creation – technical approaches to security issues and a strong understanding of security implications

External DNS specifically with UNIX/Linux platforms

IPSec – used over dial-up, over wireless, over DSL and other

VPNs, PKI, SecureID etc

Excellent Windows knowledge(XP, Active-Directory knowledge also preferred)


Cisco routers, IOS

ITIL v2/v3 and Prince2
Knowledge of SIEM, Cisco CCNA Certification and Websense is also desirable. Experience of forensic investigation and development of security solutions, as well as a good understanding of latest threats, techniques, and solutions in IT/Cyber Security, will be advantageous.

The following soft skills are essential for the role :

Excellent communicator (verbal & written) with excellent command of English. The role requires an experienced technology professional who can effectively present highly technical solutions to less technical staff

Strong influencing and sales skills – able to ‘sell’ technology strategies and proposals to global teams

Co-operative, flexible approach to different working methods

Strong team manager – supportive, co-operative, user-friendly.

Good financial management skills

Proven service management and 3rd party vendor (on and off-shore) management skills

An ability to stay abreast of future security trends and developments

Click here to apply: