Senior Information Security Manager

Recruiter: CloudPay
Location: Andover
Posted: 26 Mar 2019
Closes: 28 Apr 2019
Contract Type: Permanent
Hours: Full Time

Position Summary

CloudPay require an information security manager with experience in the following areas:

  • Managing and improving an ISMS to ISO27001 standard
  • Cyber risk assessment and management
  • Security controls, both physical and digital
  • Incident management, including BCP and DRP

Reporting to the CTO, you will direct the global ISMS governance initiative, managing the cross-functional SecOps team and demonstrating continuous improvement in all aspects of security, both cyber and physical. You will work in conjunction with the compliance and governance teams and will own and manage policies, processes and plans to safeguard the company's customers, data and reputation. You will also demonstrate ISMS compliance to external and internal auditors.

This is an opportunity to take the security stance of a complex global company to a higher level.

Package & Benefits

  • Salary: £60,000-£70,000 per annum
  • Competitive annual salary
  • 24 days annual leave, plus bank holidays
  • 4% pension contribution
  • Life assurance x4
  • Private medical insurance
  • Personal and professional development opportunities
  • Friendly working environment

Essential Duties & Responsibilities

  • Own the global ISMS
  • Ownership of security audits: ISO27001, SOC 1 type 2
  • Manage external auditors and represent the organisation in quality and security matters to external auditors and customers
  • Lead and manage the SecOps function within the IT team
  • Manage the technical risk register
  • Develop and enforce business-wide minimum standards for information security
  • Take responsibility for physical security at all global locations
  • Business continuity planning
  • Incident management planning including breach management planning
  • Demonstrate a Return on Investment for security solutions and services
  • Act as a SME for security responses to external and internal parties such as prospects, clients and regulators
  • Maintain the register of standard responses to security questions for our business development team

Position Specifications

Essential

  • 5+ years' experience in a senior security related role such as infosec management or consultancy

Desirable

  • CISSP or CISM qualified
  • SOCII (ISAE3402) experience
  • ISO27001 Auditor/Implementer
