Information Security Manager
£40,000 (pro rata 0.6-0.8 week) 12 month FTC + competitive pension
Frontline is a growing social work charity full of hard-working, creative people. We need a talented project manager with a great eye for detail, a talent for making the complex relatable and a proactive, can-do approach that builds relationships and engagement at all levels. First and foremost, you’ll need to really care about helping vulnerable children and families, closely followed by a passion for the importance of information security, and you’ll need to be able to convince others to take it just as seriously. If this description sounds like you, we’d love to hear from you.
This role provides an opportunity to develop and implement the strategy for information security management across the organisation. You will lead on ensuring we are compliant with data protection and ICO guidance and laws. This is a great opportunity to lead on educating the organisation on what is required and embedding knowledge and related processes.
The Information Security Manager will provide project management as well as day-to-day and strategic oversight for all information security management and data protection responsibilities across the charity. This includes developing and maintaining all information security and data protection policies and standards in line with compliance requirements, e.g. data protection legislation and ISO27001. The role will also ensure all data and information risks are identified and managed to maintain the compliance standards within Frontline, making sure that the trustees and senior management are kept up to date with emerging issues and Frontline’s response. The Information Security Manager is also responsible for monitoring and reporting on the progress of all issues in accordance with ICO guidance and ensuring that we meet regulatory and contractual requirements.
-Organisational lead for Information Security (IS); ensuring IS responsibilities are
considered within projects.
-Reviewing and evaluating on-going risk against regulatory and contractual obligations.
-Chair the Information Security Management Review Group.
-Maintain effective controls to ensure that Frontline is compliant with Information
Security Standards, such as those within ISO27001.
-Conduct regular reviews of policies and standards, making sure that they are aligned to
-Lead on an information security education and awareness campaign across Frontline.
-Maintain and manage an Information Security Risk Register and ensure key risks feed
through to the cross-organisational Risk Register.
-Monitor latest developments in information security and implement changes as
-Produce information security management information and make available to all relevant
groups, Committees and Boards as required.
-Work with the outsourced IT department to ensure network and IT systems security.
-Act as the designated lead on data protection.
-Inform and advise the organisation and its employees about their obligations to comply
with GDPR and other data protection laws.
-Monitor compliance with the GDPR, and other data protection laws, including managing
internal data protection activities.
-Be the first point of contact for supervisory authorities and for individuals whose data is
-Provide accurate and timely risk-based advice on data protection issues, striking a
balance between legal/regulatory requirements and the wider interests of the charity.
-Monitor and respond to developments in privacy, i.e., new laws, regulations, regulatory
-Develop and manage data protection training across the organisation through user-friendly
guides, presentations and group workshops.
-Lead on dealing with data subject access requests.
-Lead on the planning and implementation of data protection and/or ISO 27001
compliance audits across Frontline and ensure steps are taken to address any
-Oversee and ensure the implementation of robust procedures to respond to any
suspected data breaches, in accordance with ICO guidance.
Experience and knowledge
-Experience of designing and implementing Information Security Management Systems
and/or data protection frameworks.
-A track record of successfully coordinating or managing information security and Data
-High level of IT literacy, ideally with experience of working with and rolling out data
security systems and solutions.
-Good knowledge of current security standards and regulations and data protection
Characteristics and skills
-Strong project management skills with the ability to manage multiple and complex
-Ability, courage and tenacity to manage, challenge and influence stakeholders and to
escalate matters as appropriate.
-Aptitude for problem solving in order to make proactive and pragmatic recommendations.
-Sound and confident judgment.
-Excellent written and verbal communication skills.
-Ability to explain and communicate complex, technical ideas to colleagues with varying
range of expertise, interests and backgrounds.
-Diplomacy, confidentiality and political sensitivity in order to coach and challenge at a
-Self-motivated with the ability to prioritise workload effectively.
Education and background
-Degree (or equivalent)
-Right to work in the UK
-Interest in, and commitment to the Frontline programme, mission and values
-This post is subject to an enhanced police check of previous criminal convictions with
the Disclosure and Barring Service (DBS)
-Practical experience of ISO27001 compliance standards
-Relevant qualifications and/or professional certifications in information security, e.g.
CRISC, CISSP, CISA.
Deadline for applications is 5pm 4th December.
To apply for this position please click the APPLY button!