Information Security Manager

Leading Talent Solutions
Salisbury, UK
10 Aug 2019
07 Sep 2019
Contract Type
Full Time
My client is looking for a new Information Security Manager to join their team based in Salisbury. This is a fantastic new opportunity for someone who is looking to move into their first InfoSec Manager role.

The role

Reporting to the Head of IT Operations, the Information Security Manager will be responsible for maintaining Information Security policies and controls, in addition to application, infrastructure and network security reviews of local, national and international operations to ensure the security of all Information Security assets.

The Information Security Manager will be involved with the prevention, identification and detection of IT and information security risks over the entire business environment supporting the company's operations and key processes.

The Information Security Manager will also be responsible for discussing the control weaknesses noted from the Information Security audits with local and/or senior management and developing recommendations to address them.

Key responsibilities
  • Execute audits efficiently including analysis of business data and IT systems by liaising with the IT and other departments and/or as standalone technical reviews.
  • Support and manage the on-going ISO 27001 audit activities including preparation for the annual audit by BSI.
  • Assist the Head of IT Operations, Infrastructure Manager and the Head of Risk with the planning and scoping of audits.
  • Support, manage and enhance the ISMS system including scheduling of audits, reviews and management of documentation.
  • Carry out a continual improvement process with risk assessments in both methodology and scope by testing and evaluating operational & IT processes and the effectiveness of existing controls (encompassing policies, procedures and standards).
  • Identify and clearly define control issues, including root causes. Review and evaluate the adequacy of internal controls and compliance with IT security policies and procedures.
  • Develop and review policies, controls and standards where appropriate.
  • Develop and monitor the Information Security audit schedule.
  • Regularly interact and communicate with management to discuss the present audit results, gain acceptance and provide advice to remedy the audit issues or weaknesses discovered.
  • Standardise the reporting format so audit results are communicated to senior management in a consistent fashion.
  • Develop and maintain professional, credible relationships with key stakeholders (IT, Business & Risk) including relevant third parties and strategic suppliers.
  • Complete security audits on third parties.

Job knowledge, skills, qualifications and experience required:
  • Certified to either CISSP or CISM level.
  • Degree educated.
  • Good written and verbal communication skills.
  • Advanced Excel skills.
  • Good understanding of Information Security Management Systems and ISO27001 domains including controls.
