Information Security Manager


Premium Job From BCT Resourcing

Recruiter

BCT Resourcing

Listed on

7th October 2020

Location

Sheffield

Salary/Rate

£40000 - £40000

Type

Permanent

Start Date

2020-10-07

This job has now expired please search on the home page to find live IT Jobs.

Reporting to the Head of Information Security, you will principally advise and enable technical teams to make security decisions and provide advice and guidance, ensuring the effective use of common tools and patterns. You will have a proactive responsibility to assist in the delivery of secure systems and implement proportionate controls by working with Product, Change, Risk, IT teams and 3rd party vendors.

Main duties:

Implement ISO 27001 framework and Information Security Management System (ISMS).

Lead on compliance reviews, certifications and accreditations (e.g. ISO27001, Cyber Essentials, GDPR etc.).

Implement effective and appropriate GRC controls and measures to protect systems and data.

Identify, communicate and manage current and emerging security threats with relevant stakeholders.

Develop Information security compliance frameworks, security policies and procedures, where necessary.

Work with business, internal IT and 3rd party vendor teams to promote and adopt security best practices.

Work with Security partners, Managed Security Service Provider (MSSP) to conduct and review regular security assessments of vendors and solutions (SaaS, IaaS providers and MSSP).

Knowledge and experience:

Comprehensive understanding of Information Security Frameworks (e.g. ISO 27001, NIST CSF, [and Cyber Essentials) and UK and UK Data Protection Act 2018 including GDPR.

Monitoring and reporting on compliance with security and data protection policies, as well as the enforcement of policies.

Knowledge of security technologies such as IDS/IPS, vulnerability testing and Firewalls.

Familiar with HMG Security Policy Framework requirements and Government Security Classifications.

Qualifications:

Degree qualified and/or MSc Information Security desirable.

CISSP, CSSP, CISM, Cybersecurity or similar certifications.

ISO 27001 Lead Implementer or Lead Auditor certification.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: