Group IT Compliance Manager
Froneri is a leading global ice cream and frozen foods company with a strong presence in Northallerton, United Kingdom.
Job Overview
The Group IT Compliance Manager will support the Froneri IT governance strategy by implementing and improving IT governance and compliance controls, conducting audits of suppliers, and enhancing staff awareness and reporting.
Key Responsibilities
* Implement and maintain the Information Security Management System (ISMS)
* Identify and assess information security risks and define mitigating controls
* Provide advice and guidance on information security best practice
* Schedule and report on information security training for staff
* Monitor and report on user compliance with information security policies
* Support audits related to information security and IT governance
* Carry out risk assessments as required by business processes and systems
* Identify and manage risks relating to organisational data with regular reporting
* Investigate and support vulnerability remediation for security breaches
* Support planning and implementation of Vulnerability Management and Penetration Testing
Key Skills and Requirements
* Track record of successful outcomes in information security, governance, or compliance
* Understanding of security standards, data protection, and compliance (e.g. ISO27001, GDPR, NIS2 & Information Commissioners Office)
* Experience in developing and implementing information security policies and procedures
* Working with senior stakeholders, legal/counsel, and technical/engineering teams
Desirable:
* Understanding of security technologies (e.g. SIEM, Secure Web Gateway, Single Sign On, Multifactor authentication)
* Experience with ISO27001 Implementation/Auditing and security training/awareness systems
Why This is a Great Job
This role offers the opportunity to lead the implementation and improvement of IT governance and compliance controls at a leading global company. The successful candidate will play a key role in maintaining a modern ISMS, ensuring compliance and controls, and enhancing cyber awareness across the organisation.