Information Security Manager
Information Security Manager
Contract: Full time
Salary: £40-50k per annum
Purpose of the Information Security Manager Position:
The Information Security Manager will be responsible for policy and standards of the security of all technology solutions and services. To act as security design authority and to devise and implement an appropriate security governance system and documentation framework.
For this Information Security Management position, you will have extensive process experience and knowledge of IT Governance & Security including PCI/DSS compliance, ISO 27001 and Data Protection.
Information Security Manager Primary Accountabilities:
- Must have strong and proven working knowledge of Data Protection and PCI/DSS as well as common security frameworks, e.g. ISO27001
- Development and maintenance of an IT security strategy, policy, security models, principles and associated documentation that together ensure the availability, integrity and confidentiality and organisation information assets and data.
- To identify and maintain an ongoing IT security risk catalogue, help identify appropriate tactical risk mitigation measures and drive their delivery to ensure the security of our IT systems and services.
- To identify key security stakeholders, and then work with them to prioritise the security initiatives and spending required to mitigate those risks identified and use continuous improvement principles.
- Direct or indirect involvement in the development of procedures that, together with above policy and standards, ensure the ongoing availability, integrity and confidentiality of information assets and data
- Work with other teams, within and outside the Digital Services team, to ensure that all new and existing technology solutions and services adhere to the security policy and principles, and appropriate risk management procedures are in place.
- Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
- Develop and implement a regular timetable of independent security tests and audits, taking appropriate steps to mitigate any risks discovered.
- An Articulate and persuasive leader, able to work collaboratively with senior management and able to communicate security-related concepts to a broad range of technical and non-technical staff.
Required skills needed to become the Information Security Manager:
- Educated to degree level or substantial work experience at a level demonstrating graduate ability
- Understanding of and practical experience of applying and implementing Information Security standard ISO/IES 27001, PCI DSS and the Data Protection Act, the freedom of Information Act and other related legislation, standards and codes of practice.
- Ability to lead and deliver change and contribute to culture change successfully
- Ability to influence at senior levels on matters relating to security and information risk
- Good verbal and written communication skills and able to communicate effectively at all levels
- Ability to manage time and priorities appropriately
- Positive attitude towards learning and development demonstrated by a record of continuing professional development.
- 24 days holiday+ bank holidays
- Monthly free lunch
- Generous pension scheme
We endeavour to reply to all applications; however, if you haven’t heard us them within 14 days, you have been unsuccessful with this particular role.
We are committed to supporting and promoting diversity in the workplace. We welcome applications from candidates regardless of age, belief, disability, ethnic origin/nationality, gender/gender reassignment, marital/civil partnership status, pregnancy/maternity, or sexual orientation - we recruit on the basis of talent.
If you feel that you may be suitable for this Information Security Manager role then please apply now!