Information Security Manager - Sheffield
£40,000 - £40,000
This job has now expired please search on the home page to find live IT Jobs.
Job title: Information Security Manager
Salary: Up to £40,000 depending on experience, plus benefits
Reporting to the Head of Information Security, you will principally advise and enable technical teams to make security decisions and provide advice and guidance, ensuring the effective use of common tools and patterns. You will have a proactive responsibility to assist in the delivery of secure systems and implement proportionate controls by working with Product, Change, Risk, IT teams and 3rd party vendors.
You will lead on compliance reviews, certifications and accreditations (e.g. ISO27001, Cyber Essentials, GDPR etc.), implement effective and appropriate GRC controls and measures to protect systems and data and identify, communicate and manage current and emerging security threats with relevant stakeholders.
Implement ISO 27001 framework and Information Security Management System (ISMS).
Lead on compliance reviews, certifications and accreditations (e.g. ISO27001, Cyber Essentials, GDPR etc.).
Implement effective and appropriate GRC controls and measures to protect systems and data.
Identify, communicate and manage current and emerging security threats with relevant stakeholders.
Develop Information security compliance frameworks, security policies and procedures, where necessary.
Work with business, internal IT and 3rd party vendor teams to promote and adopt security best practices.
Work with Security partners, Managed Security Service Provider (MSSP) to conduct and review regular security assessments of vendors and solutions (SaaS, IaaS providers and MSSP).
Knowledge and experience:
Comprehensive understanding of Information Security Frameworks (e.g. ISO 27001, NIST CSF, [and Cyber Essentials) and UK and UK Data Protection Act 2018 including GDPR.
Monitoring and reporting on compliance with security and data protection policies, as well as the enforcement of policies.
Knowledge of security technologies such as IDS/IPS, vulnerability testing and Firewalls.
Familiar with HMG Security Policy Framework requirements and Government Security Classifications.
Key competencies/ behaviors
Excellent attention to detail
Excellent data handling and numeracy skills
Sound analytical skills, problem solving, interpretation and judgement
Ability to develop into a subject matter expert and apply such knowledge to a role
Commitment to team working and providing support to team members
Degree qualified and/or MSc Information Security desirable.
CISSP, CSSP, CISM, Cybersecurity or similar certifications.
ISO 27001 Lead Implementer or Lead Auditor certification.