Information & Cyber Security Manager

This job has now expired please search on the home page to find live IT Jobs.

Information & Cyber Security Manager - EdinburghSalary up to £70k DOE (Partial or Fully Remote working available).Key strength will be the ability to review the current status of delivery, Identify and deliver service improvements and articulate business benefits as well as working with key stakeholders at senior management level.Responsible for ensuring that all account contractual security requirements are delivered, managing relationships with customers and suppliers at senior management levels.The role will require managing security activities such as risk, security incidents, changes, policies and implementation of ISO 27001, Cyber Essentials plus as well as any external audit requirements. Proactively promote security services and drive revenue opportunities.Working closely with the IT and the wider business to develop and improve the current security strategies and processes.Review and lead on the management of Cyber Security, covering people, physical, process and all technology aspects.ExperienceStrong managerial experience in Information and Cyber SecurityDriving innovation & continuous improvement.Versatility; Proven ability to adapt and learn in an innovative environmentExcellent communication and interpersonal skillsExperience delivering ISO27001, PCI-DSS, Cyber Essentials.Hands on experience securing Azure, O365 or AWS implementations.A broad technical knowledge of Infrastructure, Networks.A thorough understanding and an ability to engage all areas of IT.An ability to translate complex ideas to non-technical stakeholders.SkillsEvidence of Leading Security investigations, including responding to incidents involving malware, data loss, or network intrusionSecurity related qualifications such as CISSP, CISM, ISO27001 lead implementer or auditor, or equivalent experience.A solid understanding of GDPR and data protection and information governanceResponsibilities:Ensure that all information security policies and standards are aligned to the companies vision and values. Ensuring that all staff are informed about how to use them and are notified about subsequent changes.implementation, maintenance and management of security procedures information security requirements, anti-fraud, incident management procedures, Business Continuity and Disaster Recovery.Ensure the delivery of ISO27001 commitment.Develop and deliver a sustainable and targeted information security awareness and training programme, relevant to the diverse nature of end users, to improve information security awareness amongst all employees, clients and partners.Delivery of a SOC in line with Devops projects and business growth.Create a security by design culture across Devops & Data teams.Ensure we have a defence in depth strategy across our networksIdentifying Security and Data Protection related risks and provide proportionate mitigation options and advice to business risk owners for decision making.Conduct of security assurance and compliance audits.