Information Security and Data Protection ManagerRemote WorkingUp to £70,000 per annumABOUT YOUR ROLEWe are happy to consider remote working applicants for this position on the basis that you are able to travel to our Nottingham offices once per month.
This role will establish and grow as 2nd line in our Buzz defence model for Information Security and Compliance in relation to GDPR, IS027001, Act 2005, PCIDSS and other related legislation / guidance. You will be responsible for setting and implementing all policies and procedures into the 1st line functions, staying abreast with regulatory changes and ensuring training is provided at an appropriate level throughout the organisation.
As a subject matter expert in all aspects of Information Security and Data Protection you will take the lead in ensuring that Buzz's data and systems are protected from information security threats, both cyber & physical and oversee our compliance with GDPR/Data Protection best practice.YOUR TASKS AND RESPONSIBILITIES
ESSENTIAL SKILLS AND EXPERIENCE
- Lead and develop a team consisting of a data protection executive and an information security officer;
- Set the agenda and chair the Information Security Board (ISB) and Data Protection Board (DPB);
- Provide regular updates on information security and data protection matters at Executive forums;
- Develop, maintain and deliver a roadmap of information security and data protection enhancements;
- Ensure information security and data protection best practice is adopted across the organization through policies, procedures, coaching, training and communicating widely;
- Identify, recommend and drive technological and procedural changes that mature the information security and data protection landscape within Buzz;
- Act as the responsible owner for managing attempted or actual information security breaches;
- Proactively monitor changes to data protection legislation, communicating and managing changes as they apply to Buzz;
- Engage, manage and co-ordinate service providers of information security and data protection services/consultancy;
- Act as the Subject Matter Expert on information security and data protection for Buzz's projects and changes;
- Perform Privacy Impact Assessments on new products/services and ensure the completion of Data Protection Audits on business functions and key risk areas.
A LITTLE BIT ABOUT US...
- Experience in building a strong security culture, defining and establishing policies and processes across a medium-size organisation;
- Strong leadership and line management experience across the full management lifecycle;
- You should have up to date technical knowledge backed by an information security accreditation;
- Deep understanding and practical application of information security compliance (ISO27001, PCI DSS, ISMS, Cyber Essentials), data processing and IT security arrangements;
- Knowledge of Privacy and Data Protection legislation and a good working knowledge of the General Data Protection Regulations (GDPR);
- Experience running internal information security audits and training programs and overseeing the process of compliance with cyclical external audits;
- Understanding of risk management at organisational and information security levels;
- Ideally experience in both physical (retail) and digital business models;
- Strong influencing skills coupled with executive/senior stakeholder management;
- Strong communication, both written and verbal, being highly personable with ability to network with a range of stakeholders and become a trusted business advisor;
- Ability to work both at a strategic level and be analytical and detail oriented as the appropriate activity requires;
- Strong commercial acumen to work effectively alongside internal procurement function to achieve solid 3rd party agreements and relationships;
- Natural leadership with an ability to coach and develop your team and colleagues, adjusting and adapting to their different developmental styles and needs;
- Ability to work within a fast-paced environment and actively seek to move things forward by proactively overcoming challenges;
- Strong ethical standards and values and high level of integrity.
Joining us means joining our family. We know lots of companies say that, but we really believe it's true. Our teams in Club Support Centre and our clubs across the country are smart, energised, and passionate about what they do. We know each person here can make a big difference, so we'll support your professional goals, give you what you need to thrive, and help you accomplish the right results - whatever your role. We're dedicated to building Bingo's Buzziest Community every single day and making our players feel as much a part of our family as we do.