Information Security and Compliance Manager

Steria Recruitment
Edinburgh Technopole, UK
08 Oct 2019
24 Oct 2019
Contract Type
Full Time
CTO/Information Security



Reporting to

Information Security Governance & Compliance Manager

In a nutshell

The Information Security team are responsible for overseeing the operation of controls that manage the business risks associated with maintaining information confidentiality, integrity and availability.

Your role will be to protect our customers from information security related threats by supporting all divisions to be compliant with the Information Security Policy Standard and supporting controls framework.

What you need to do
  • Oversight that the Information Security Policy Control objectives are being operated across business units.
  • Coordination of Business Impact Assessments for standardised control identification, implementation and operation.
  • Oversight that technical & procedural controls are designed adequately within business processes.
  • Design of a defence in depth oversight framework for implementation across service suppliers from bidding, onboarding, design, operations and decommissioning.
  • Cross divisional stakeholder management.
  • Manage Information Security requirements with key partners, ensuring that the ever-changing threat landscapes have both adequate and effective controls to mitigate the risk within appetite.
  • Utilise the Bank Risk Management Framework to ensure that Information Security Risks are effectively managed and communicated.
  • Stay abreast of and monitor the changing threat, regulatory and industry landscape to ensure that key requirements are understood and delivered within projects and within business processes.
  • Develop best practice in relation to Information Security management and control, influencing colleagues at all levels.

What you need to know and show
  • Experience with technical and/or procedural security in some of: IT infrastructure security, IT security operations, application security, PCI-DSS, physical security, security threat analytics.
  • Knowledge of ISO27001/2, CISSP, CISM.
  • Experience in the financial services industry.
  • Well organised and able to prioritise workload in line with tight deadlines and work effectively under pressure.
  • Highly numerate, with excellent analytical and problem-solving skills and attention to detail.
  • Excellent team player with ability to work closely with others to deliver results.
  • Customer focused.
  • Proven track record of working on own initiative, with the ability to introduce fresh thinking to the role and the wider team.
  • Demonstrate an ability to think and reason logically.
  • Strong relationship management skills.
  • Excellent written communication - both new concept and project assurance reports.
  • Exceptional communication skills - ability to communicate effectively with anyone in any environment, e.g. able to translate complex / technical issues to meet the audience's competency level.
  • Experience of managing Information Security in an outsourced IT and outsourced business environment would be beneficial.

Intelligent Resource is committed to barrier-free and inclusive recruitment. We are a Disability Confident recruiter, and a RIDI 100 and Business Disability Forum partner organisation.

Should you choose to contact Intelligent Resource regarding this role or apply for it, all personal data you submit to us will be processed in accordance with our Privacy Notice which you can find on our website.
