Job Description
IT Security Manager
Our Client is a large international organisation who are looking to recruit an IT Security Manager with at least 5 to 8 years proven expertise.
Responsibilities:
1. Provide advice, support and guidance to all Company Corporate functions to assist them to maintain and improve their information security maturity.
2. Work collaboratively with all areas of the Company Corporate and build networks and relationships to promote Information Security.
3. Act as subject matter expert on IT Security, including legal and regulatory compliance.
4. Advise Company Corporate functions on how to achieve the required controls and assist with solutions to support them, including the development of standards and their application in line with Group security policies.
5. Participate in Company BU's Projects giving support, guidance, control validation and overall security assurance.
6. Support and encourage the ethos and methodology of security by design.
7. Aid GRC to build, implement and facilitate a mechanism to aid BU's to assess and measure their security compliance to policies.
8. Drive the development of BU/Divisional security roadmaps.
9. Coach, train and educate the Company IT and Functions to upskill and increase the security maturity in BU's.
10. Produce, implement and standardise protocol and guidance material to support Business unit activities.
11. Facilitate and chair the security working group meetings.
12. Engage and manage third party relationships to support the Company and its affiliates.
13. Aid Procurement and the tendering process.
14. Raise the security baseline controls and standardise where it makes sense to do so.
15. Understand the different business requirements and align to their objectives.
16. Support Security operations to continuously improve information security awareness across the group.
Experience:
1. Experience in an information security risk leadership role within a large organisation.
2. Confident in presenting, discussing and championing ideas and concepts with senior stakeholders.
3. Experience of running information security risk governance processes and structures.
4. Familiarity with relevant industry standards for information security (e.g. ISO27001, NIST CSF).
5. Experience of creating, implementing and assessing against information security policies and standards.
Creativity:
1. Able to analyse complex, ambiguous problems and summarise clearly.
2. Able to bridge the gap between technologists and business-people.
3. Ensure initiatives/programmes are anchored in best practice whilst still being highly practical/pragmatic.
4. Ability to defuse situations and resolve conflict to a win-win outcome.
5. Influence others to understand their views and agree ways of working that are acceptable to all parties.
Business Acumen:
1. Able to identify when information security risks need to be escalated.
2. Able to prioritise security risks and controls.
3. Able to judge how to communicate messages to people to maximise buy-in and understanding.
4. Able to analyse data with rigour & reach sound conclusions.
Responsibility:
1. Responsibility of information security incident management.
2. Responsibility for security assessments and assurance activities.
3. Oversee and manage security compliance management and reporting.
4. Management of third parties and change management around project and change leadership.
The Client and the role is based in Central London - and you will be required to be in the office at least 3 days a week.
The salary for this position will be £75K + £85K plus Benefits.
Please do send your CV to us in Word format for this exciting new position along with your salary and availability. #J-18808-Ljbffr