Information Security Manager

Applications have now closed

There are no reports at this stage. However, the team is growing, so the role may have reports in the future. There are currently a total of 6 people in the security function. The role is around IR, processes, procedures, education and awareness, risk and audit. They have technical people, so they are not looking for someone to be too technical but to complement those technical people in the team. Strong stakeholder management; can translate tech speak up and down, with good presentation skills.

Job Description

Information Security Manager Ealing based - up to £62,000

The post holder will report to the Head of Information Security and will be joining at an exciting time and will be provided with great development and progression opportunities.

Join a dynamic and high performing information security team tasked with protecting information assets and enabling ambition to become a digital organisation
Help lead, develop and deliver the information security strategy, including:
Further maturing the information security capability and function
Further improving the security posture
Further raising awareness of information security amongst colleagues
Reducing exposure to Cybersecurity risks
Deputise for the Head of Information as and when required in meetings with senior internal and external stakeholders
Mentor junior members of the team and colleagues

Lead on information risk management approach and activities, including:

Performing information security risk assessments and maintaining the information security risk register
Designing a controls framework and selecting proportionate controls to mitigate against identified risks
Undertaking information security audits
Reporting of management information (MI) on compliance and risk posture.
Be a subject matter expert (SME) to provide security consultancy and requirements to new IT projects and business change/led initiatives, to ensure the requirements are incorporated into the designs and built into final solutions, and to support project teams in the vendor/solution selection process

Lead on and manage information security improvement projects and initiatives
Lead on the supplier assurance programme, including undertaking supplier security assessments, reviewing supplier questionnaire responses, and co-ordinating the inclusion of security and/or data protection schedules into supplier contracts
Develop new as well as review and maintain existing security policies, standards, procedures and guidelines within the Information Security policy framework
Build upon and contribute to the delivery of the existing enterprise-wide information security awareness programme, which aims to make the topic of information security fun and engaging
Work collaboratively with stakeholders from across the business, primarily via the Information Security Working Group (ISWG) forum, to help embed security principles and good security behaviours into the respective departments
Manage and co-ordinate the monthly information security working group meetings and actively engage the stakeholders in that forum
Manage and co-ordinate the incident response process, working collaboratively with the security analyst to help effectively contain, respond to, and resolve any security incidents and breaches
Maintain up-to-date knowledge of the information and cyber security industry, including awareness of new or revised security solutions, improved security processes and developments in the threat landscape

About you:
A pragmatic approach to information security
Extensive information security and/or cybersecurity experience
Experience in developing information risk management frameworks, conducting information risk assessments, maintaining a risk register and articulating information risks using business friendly language
Experience in delivering a supplier assurance programme and managing supplier related information risks
Experience in defining security requirements for new IT projects and initiatives, and helping project teams embed security into business processes, IT solutions and systems
Experience in delivering security improvement projects
Experience in developing security policies, standards and procedures
Experience in and understanding of working in a digital environment and/or involvement in digital transformation programmes
Relevant security certification (e.g. CISSP, CISA, CISM, MSc in Information Security)
Excellent written and verbal communication skills, and ability to articulate information security concepts and principles in business friendly language
Excellent stakeholder management and influencing skills, and ability to build and foster strong relationships at all levels
Enthusiasm and passion for all things information security
Knowledge of and working experience in Data Protection will be desirable

This role is subject to a DBS check.

Please email your CV or contact Claire New on 02392 458047

This vacancy is being advertised by Advanced Resource Managers. ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions.

Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.

Advanced Resource Managers IT Limited operates & advertises as an Employment Agency for permanent positions and as an Employment Business for contract/temporary positions.

Key Consultant

Claire New

I am an IT security recruitment consultant working with candidates and companies in the data loss and leak prevention sector. I specialise in recruiting professional services, pre-sales and architects and consultant sales. I particularly enjoy meeting and working with new clients and candidates.