Information Security Manager (CISSP and/or CISM)

£55000 - £60000 per annum
05 Oct 2017
02 Nov 2017
Contract Type
Full Time
Information Security Manager - Permanent - Surrey - £55k-£60k p.a. depending on experience

We are recruiting an experienced Information Security Manager, ideally holding relevant industry accreditations: CISSP (Certified Information Systems Security Professional) and/or CISM (Certified Information Security Manager).

You will lead on and be responsible for all aspects of our client's information security risk management, ensuring the organisation's IT systems, policies and governance meet industry and ISO standards. This includes developing, embedding, supporting, maintaining and continually enhancing the associated systems and frameworks.

You will advise and provide assurance to senior management (including but not limited to the Data Protection Officer, Chief Information Officer (CIO), Deputy CIO, and Head of Security and Risk) on matters relating to information security and risk management policy and governance, giving recommendations where appropriate.

To apply you will require the following:

- Strong understanding of: information risk management, business continuity methodologies and risk management, audit processes
- Expertise in data protection and related legislation (DPA and GDPR)
- Expertise in ISO27001 and related standards
- Strong knowledge and understanding of information security standards, data protection legislation and related compliance systems
- CISSP (Certified Information Systems Security Professional) and/or CISM (Certified Information Security Manager)
- Strong leadership qualities
- Strong communication skills - ability to lead meetings and to present to groups
- Good writing/language skills - ability to produce and maintain effective documentation
- Good analytical skills and a logical approach
- Excellent level of interpersonal skills and ability to consult and negotiate successfully with a variety of people internally and externally
- A high level of planning and organisational skills and an attention to detail
- Ability to advise on policy and procedures and to implement frameworks to ensure the long-term sustainability of new frameworks
- Proactive, with the ability to work independently and to deliver to deadlines
- Extensive experience in information security and supplier audit environments
- Extensive experience of Information Security and Risk Management, including conducting Business Impact Analyses using ISO27001 and ISO22301 focused risk assessment/management tools and managing organisational Risk Treatment Plans
- Good experience of the introduction of new processes and procedures, including directly guiding and supporting business process owners through such change
- Experience of having introduced and maintained Information Security Management systems and processes within rapidly changing and multi-site organisations and working closely alongside internal and external audit teams
- Experience of working within a formalised project management environment; in particular a track record of applying PRINCE2 would be highly desirable

Interviews ASAP, start October/November 2017.