Information Security Manager / IT Security Manager - Manchester
Information Security Manager / IT Security Manager - Manchester - Professional Services
A professional services business is looking to recruit an information security manager to be based out of their Manchester city centre office. The role holder will take responsibility for implementing and maintaining IT information security and risk management policies, standards and frameworks (including ISO 27001) right across this international business. Specific responsibilities include:
- Working with the broader IS team, contribute to the design of information security strategic initiatives and execute these strategies on behalf of the IT directorate and wider business
- Working closely with their clients' infosec functions to answer specific due diligence information requests and/or answer internal InfoSec queries
- Creating and operating a comprehensive annual audit plan (and follow-up) to assure adherence to established controls to maintain information security standards, client obligations and certifications
- Supporting the firm's management of risk including the development, implementation and administration of the Business Continuity Strategy
- Accountable for the budget, performance and results of the Security team. Responsibilities of the Security team include integrity of the firm's information, compliance management, and planning and executing internal audit
The successful candidate will have:
- A proven background in information security management within a medium to large organisation
- Good interpersonal skills with the ability to communicate, influence and focus on engaging effectively with senior people in the business to identify opportunities and guide the adoption of information security principles
- Demonstrable experience of implementing, maintaining, and improving ISO 27001 certification
- Demonstrable experience of implementing, running and continuously improving an information security management system
- Demonstrable experience of building and testing information security breach processes within an IT environment and wider business context (e.g. ransomware attacks, phishing exposures, DoS and DDoS attacks)
- Clear understanding of Data Protection (process, policy and standards) and the General Data Protection Regulation (GDPR)
- Information Security certification (e.g. CISSP, CISM) would be ideal
The role will be Manchester based but involve some travel to other UK offices. For more information, please make an application including your CV or call for a confidential conversation.
At the point of job offer, the successful applicant will go through pre-employment screening including a CRB check, credit check and employment referencing.