Information Security Manager
65k + Bonus (10%) + Benefits
Opportunity for an experienced Information Security Manager to deliver a continuous improvement programme across ISO27001 within a FTSE 1000 company.
About the role
Reporting to the Head of Risk Assurance and Information Security, you will have accountability for monitoring and reporting on the compliance of the operational compliance to group IS Policies.
The role is responsible for planning, designing, testing, technical and process controls to support and enforce compliance according to best practices, while ensuring high levels of customer service quality and availability.
- Maintain an audit based continuous improvement program to track and deliver security improvements across all areas of the business.
- Work with the Head of Risk and Information security to maintain the security documents (policies, standards and base guidelines)
- Act as the subject matter expect for Information security within the business providing appropriate advice and guidance to colleagues
- Raise the profile of security within the business by being proactively involved with colleagues. Provide consultation and/or education as needed
- Recommend and coordinate the implementation of technical controls to support and enforce defined security policies
- Design, co-ordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
- You have a solid understanding of infrastructure management within a global organization
- Experience of design and implementation of security testing procedures.
- Sound understanding of security of systems, networks and applications, and associated risks
- Experience of looking after a multidimensional business agenda of various day-to-day compliance matters
- Experience of establishing credible relationships within IT and Business community with examples of driving risk and security initiatives
- Energy, drive and influence to deliver
- A practical pragmatic and hands-on approach
- Proven stakeholder management skills
- Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks
- A strong understanding of the business impact of security tools, technologies and policies.
- Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
- Experience in system technology security testing (vulnerability scanning and penetration testing).
- Previous experience of working with legal, audit and compliance teams
- Strong team building, leadership, motivation and communication skills to work effectively
Formal Education & Certification
- Recognised professional certification in Information Security
- College diploma or university degree or 7 years equivalent work experience.
- A minimum of seven years of IT experience, with five years in an information security role
For immediate consideration please contact Sarah-Jane on 01908 886037