The Bristol Port Company have an opportunity for an Information Security Manager to join the IT team.
Location: Avonmouth, Bristol BS11 9DQ
Salary: Competitive Salary + Benefits Package
Job Type: Full-Time, Permanent
Information Security Manager – The Role:
As a key member of the IT team, the Information Security Manager will play a pivotal role in advancing The Bristol Port Company's information security strategy, ensuring the confidentiality, integrity, and availability of our cyber and information security assets.
You will be accountable for progressing and maintaining our Cyber Assurance Framework (CAF), ensuring its adherence and maturation.
This role will focus on three key areas:
- Risk Assessment & Remediation: Assess information risks and facilitate the remediation of vulnerabilities within the company’s network, systems, and applications, in alignment with the CAF.
- Security Improvements: Implement security enhancements, including user training, security controls, and process improvements.
- Security Team Management: Lead the security team and manage third-party SOC operations to maintain optimal security protocols.
You will be responsible for reporting findings, recommending corrective and preventative actions, and identifying opportunities to reduce security risks.
This position involves hands-on work, team leadership, and cross-functional stakeholder management, working alongside other IT departments and the broader organisation to ensure leadership in security. A combination of technical, organisational, and communication skills will be essential to succeed in this role.
Information Security Manager – Key Responsibilities:
- Drive rapid organisational change and develop a culture of security
- Maintain and progress the CAF
- Support the Company’s security goals, ensuring compliance needs are met
- Report to IT Director and other senior leaders on security posture and metrics
- Create and maintain security policies, processes and procedures in line with Port structure and industry best practice
- Manage day-to-day security team and BAU work
- Proactively monitor the cyber threat landscape and report on emerging threats and risks
- Work with our 3rd party SOC to maintain and improve our service and protection
- Lead the security incident response process when required
- Ensure security risks are identified, logged and managed
- Co-ordinate and progress security assessments, including pen testing and audits
Information Security Manager – You:
- You should hold a CISSP or other relevant Information Security Qualification
- You must be able to demonstrate a good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CAF, OWASP etc.)
- You must have knowledge of data protection legislation and regulatory requirements
- You will have experience and an understanding of security tools and concepts (e.g. SIEM, IDS/IPS, RBAC, vulnerability management etc.)
- You will have a good understanding of security incident management and incident response processes and activities, as well as distributed technology estates, multi-centre and multi-device (IoT)
- You will also have an understanding of cloud/COTS/SaaS platforms and offerings
- You will need to have experience of management briefings and senior leadership presentations
- A full driving licence and your own transport are essential for this role
Information Security Manager – Benefits:
- Pension scheme
- Onsite GP service
- Onsite gym
- Subsidised canteens through voucher system
- Cycle to Work scheme (subject to qualifying period)
Application Process:
Please be aware, due to the nature of the role, only candidates eligible to both live and work in the UK will be considered for the role. No sponsorship or relocation packages will be offered for this role.
To apply for this Information Security Manager position, press ‘Apply’ today.