Share this Job

IT Security Manager

RWE Supply & Trading GmbH, Swindon, UK or Essen, Germany

To start as soon as possible, Full time, Permanent


The IT Security Manager will be part of the IT Security Operations Team at RWE. The department is growing rapidly in order to support our expanding global user base and the onboarding of new and exciting technologies.


As an IT Security Manager specialising in Vulnerability Management you will be a key part of the team and be responsible for the vulnerability management service and its expansion based on your ideas, best practice and our IT Security Strategy.


The IT Security Manager will report to the IT Security Operations Team Lead and work closely with the Managed Security Service Provider (MSSP) to effectively identify, quantify, and manage cyber vulnerabilities across the RWE Group. In order to drive actions based on vulnerability reports and assessments at all levels of the organisation including executive management you will be expected to define the prioritisation of remediation activities and optimise the remediation efforts in a risk-based approach within a dynamic environment.


Your responsibilities

  • Develop, implement and manage the necessary Threat and Vulnerability Management (TVM) policies, framework , standards and procedures which align with our Target Operating Model
  • Define processes for the application of the security hardening policies based on CIS Benchmarks and manage the associated lifecycle
  • Define and make recommendations to the IT Application Teams to ensure the Secure Configuration Lifecycle is followed and all internal applications are built in accordance with the secure configuration policy and controls.
  • Monitor and respond to regulatory developments and industry best practices in a timely manner and recommend how to optimise security monitoring tools based on threat and vulnerability discoveries
  • Work closely with our MSSP and their Vulnerability Management Service Team to ensure successful completion and recording of all scanning activities
  • Work closely with the MSSP and ensure threat management encompasses external and internal threat sources, helping to identify current and future threats to the Group.
  • Support the assessment of and provide technical support for identified vulnerabilities and prioritise remediation based on risk and exposure and track remediation activities to completion, validating the effectiveness in mitigating the risk.
  • Assist and mentor junior staff or apprentices in cybersecurity techniques and processes if and when required
  • Assist in improving and establishing new metrics (KPIs) to measure performance of the TVM service, report trends along with any necessary remediation and ensure the accurate and timely release of vulnerability metrics.
  • Assist in the production of regular Management Reports


Your powerful skills

  • Extensive experience of implementing, monitoring and improving the threat and vulnerability management service of a large energy trading or financial services organisation.
  • Expert level understanding of both threat and vulnerability management services and information security
  • Detailed knowledge of system security vulnerabilities and remediation techniques
  • Excellent technical comprehension of threat and vulnerability scanning solutions, systems and processes
  • Knowledge of and ability to manage Windows, Network Device, Database, Middleware, and Application vulnerabilities.
  • A high level understanding of security architectural design and network design


Your technical skills:

  • Good Knowledge of Cloud Platforms (AWS and/or Azure)
  • Good Knowledge of Scripting Languages such as Python and Powershell
  • Understanding of Windows and *NIX Operating Systems
  • Understanding of Virtualisation Technologies  e.g. VMWare
  • Understanding of network protocols


Your personal skills:

  • Excellent written and verbal communication skills in English
  • Strong analytical and problem solving and conflict management skills
  • Ability to respond and adapt in a fast changing and pressured environment
  • Confident in engaging with stakeholders at all levels
  • Strong organisational skills and time management
  • Ability to prioritise workload in accordance with a changing environment
  • Comfortable working against deadlines in a fast-paced environment
  • Willingness to take on work related travel as required to the UK and within Europe


Advantageous, but not a must

Educated to degree level in Computer Science, Maths, Science, Cyber Security or an IT Security related discipline or an appropriate industry related qualification.

  • Certified Information Systems Security Professional (CISSP)
  • Certified Ethical Hacker (CEH)


What we value most is passion, willingness to learn and a determined and resilient work ethic. So, if you can’t display all of the skills above we would still like to hear from you.


Benefits you can rely on

  • Competitive salary & benefits package 
  • In house gym, canteen and free parking
  • Flexible working to support work life balance
  • Training and development
    • Team members are encouraged to study and certify in industry recognised Cyber Security training courses 
  • Be part of a growing , dynamic and enthusiastic team
  • Opportunities to work on challenging and interesting projects with new technologies


flexible working times (40x40) cafeteria/canteen (40x40) company pension scheme (40x40) health services (40x40) Free parking (40x40) shareholding (40x40) career promotion (40x40) attractive remuneration (40x40) employee discounts (40x40) social commitment (40x40) International exchange (40x40) Graduate programme (40x40) company car (40x40) good transport connection (40x40) free bridging days (40x40)


Apply now with just a few clicks: 36279 application deadline 06.06.2021.

Any questions? Steph Turi (Recruiting), E.: stephanie.turi@rwe.com

We look forward to meeting you!


We value diversity and therefore welcome all applications, irrespective of gender, disability, nationality, ethnic and social background, religion and beliefs, age or sexual orientation and identity.

Of course, you can find us on LinkedIn, Facebook, Twitter and Xing, too.



Job Segment: Social Media, Law, Information Systems, Manager, Supply, Marketing, Legal, Technology, Management, Operations