Information Security Manager


Premium Job From Goodman Masson

Recruiter

Goodman Masson

Listed on

12th November 2019

Location

City Of London

Salary/Rate

Negotiable

Salary Notes

Negotiable

Type

Permanent

Start Date

ASAP

This job has now expired; please search on the home page to find live IT jobs.

Information Security Manager | Permanent

The risk, compliance and technology directorate comprises the compliance team, the enterprise risk team, the IT team and the facilities team. It delivers numerous change projects across regulatory compliance, reporting and delivery of the IT and physical environment in which the corporation operates.

The Information Security team within the compliance function is accountable for the development, implementation and ongoing maintenance of the three ISMSs (Information Security Management Systems) across the Corporation and its two key suppliers, all certified to ISO 27001, and acts as the body responsible for ensuring Data Protection Act compliance across the business.

The Information Security Manager reports to the Head of Information Security and is responsible for operating and managing the ISMS processes in line with the Information Security Policy, Standards and Procedures in order to maintain ISO 27001 compliance.

Experience and technical skills

The employee will be able to demonstrate the following experience and technical skills:

- A broad knowledge base in various technologies and platforms found in most businesses and a sound foundation in accepted security practices and solutions.
- Solid experience of implementing and maintaining an ISO 27001 certified ISMS.
- Solid experience dealing with 3rd party suppliers on security and ISMS-related deliverables.
- Solid experience of interpreting penetration, non-functional and vulnerability testing results, articulating highly technical risks in business terms.
- Experience of mentoring and developing junior members of staff.

Personal attributes required

The role will require someone with the following personal attributes:

- Strong people management and supplier management skills.
- Strong stakeholder management skills.
- Good advocacy skills to ensure that the organisation's information security requirements are taken seriously and adhered to.
- The ability to explain complex technical requirements using clear and unambiguous language.
- The ability to see the big picture, as well as understand and challenge the detail when required.
- Willingness to work with others, excellent teamwork, and excellent communication skills.
- The ability to cope with multiple tasks/projects.

Education, qualification and professional membership requirements

The successful candidate will have the following skills and education:

- Appropriate security qualifications, e.g. CISSP, CISA, CISM or equivalent.
- ISO 27001 Auditor/Implementor (beneficial).
- Educated to degree level or equivalent (ideally in a security or computing related discipline).
