JOB TITLE: IT Manager and ISO 27001 Implementation Lead
DEPARTMENT: Technical and Engineering
DIVISION: Technical
REPORTS TO: CTO
JOB LOCATION: London / Hybrid
The IT Manager and ISO 27001 Implementation Lead role is a focused position combining management of the organisation's IT systems with leading the implementation of ISO 27001 and its ongoing maintenance. The successful candidate will take ownership of the Information Security Management System and IT management within the organisation.
This is an exciting opportunity to contribute significantly to the company's commitment to data security, compliance, and innovation.
KEY DUTIES AND RESPONSIBILITIES
IT Management
1. IT Infrastructure Oversight: Oversee IT infrastructure to ensure it is secure, efficient, and scalable.
2. Cybersecurity Management: Implement and monitor security measures such as firewalls, antivirus software, and access controls to safeguard IT systems.
3. Liaison: Act as the primary liaison with our managed IT service partner, ensuring smooth operation of internal and external systems aligned with business objectives.
4. Technology Strategy: Contribute to the development of an IT strategy that supports organisational goals and adapts to new technologies.
5. IT Policy Development: Establish and enforce IT policies, procedures, and governance frameworks.
ISO 27001 Implementation Lead
1. ISMS Implementation: Lead the implementation of an Information Security Management System compliant with ISO 27001, Cyber Essentials, and other standards using a compliance platform.
2. Risk Assessment: Perform risk assessments and implement appropriate controls to mitigate information security risks.
3. Policy Creation: Develop and document information security policies, procedures, and standards required for ISO 27001 compliance.
4. Training and Awareness: Support employee cybersecurity training programs and promote a culture of security compliance throughout the organisation.
5. Internal Audits: Coordinate internal audits to assess compliance with ISO 27001 requirements and organisation-specific security standards.
6. Incident Management: Establish processes for detecting, responding to, and recovering from security incidents in alignment with ISO 27001.
Operational Oversight
1. Incident Resolution: Lead the response to information security incidents and oversee the resolution of IT issues, minimizing downtime and impact on business operations.
2. Vendor Management: Manage relationships with external vendors, negotiate contracts, and ensure SLAs are met.
Cross-Functional Collaboration
1. Stakeholder Engagement: Work closely with all teams to align IT and information security with overall business goals.
2. Regulatory Alignment: Ensure that ISO 27001 implementation aligns with other applicable regulatory frameworks (e.g., GDPR, HIPAA).
Reporting and Documentation
1. Reporting: Provide regular updates to the CTO and other senior management on the progress of ISO 27001 implementation and IT operations.
2. Certification Readiness: Prepare the organisation for ISO 27001 certification by ensuring all controls and processes meet audit requirements.
3. Continuous Improvement: Establish metrics to monitor the performance of the ISMS and IT operations, driving continuous improvements.
Your Profile
Experience and Knowledge
1. Proven experience in ISO 27001 implementation and certification.
2. Proficiency with compliance tools such as Vanta, Sprinto, or similar platforms.
3. Knowledge of legislation and other relevant standards.
Skills
1. Excellent project management and organizational skills.
2. Ability to simplify complex compliance processes and communicate effectively with diverse teams.
3. Detail-oriented with a commitment to continuous improvement.
Qualifications
1. Bachelor's degree in IT, Computer Science, or a related field (or equivalent experience).
2. Proven experience in ISO 27001 implementation and certification.
Personal Characteristics
1. Analytical mindset with strong problem-solving skills.
2. A proactive and effective collaborator with a 'can-do' attitude.
The Company
TympaHealth is a team of doctors and technology experts united by a vision to help the world to hear. Currently, there are half a billion people in the world with disabling hearing loss. In the UK by 2030, hearing loss will overtake diabetes and cataracts in the top ten global disease burdens.
Our mission is to help the world to hear and make intervention more accessible and simplified both on a local and global scale. TympaHealth is growing fast and is currently helping thousands of patients a year access vital ear and hearing healthcare services in the UK, with plans to expand globally.
TympaHealth has created a collaborative and supportive environment where everyone is valued and encouraged to contribute their own ideas and opinions.
Salary & Benefits
A competitive salary and benefits package includes:
1. 25 days holiday (increasing to 26 after two years) + Bank Holidays
2. Birthday Holiday and Christmas Holiday (three additional days)
3. 5% Company & Employee Pension Scheme Contributions
4. Life Assurance Scheme (four times salary)
5. Hybrid Working (one or two days in the office) (Based in London)
6. Remote GP and Medical Second Opinion Services
7. Mental Health Support
8. Physiotherapy (eight sessions per year)
9. Life, Money and Wellbeing Support
10. 360 Wellbeing Score, Insights and Calendar
11. Financial and Legal Support
12. 1-2-1 Lifestyle Coaching
13. Savings and Discounts
14. Perkbox
There has never been a more exciting time to join our team with our growth, focus on excellence, and opportunities for development in an inclusive, inspiring company.