We are looking for an Information Security Manager to lead and strengthen ElectraLink’s security framework. In this role, you will be responsible for developing policies, managing risks, and ensuring compliance with industry standards. You will also work closely with the IT and compliance teams and external partners to protect our data and systems.
This is a hands-on role where you will be the go-to person for security best practices, driving improvements and keeping the business updated on any potential emerging threats. If you have a strong background in information security and want to make a real impact, we’d love to hear from you.
We can’t wait to meet you!
Key Responsibilities
* Develop Information Security policies, standards and procedures and continually monitor the information security controls, KRIs/KPIs and technical landscape.
* Identify information security risks and maintain a risk register, advising on risk mitigation and remediation efforts, working with internal and external stakeholders.
* Identify security gaps and advise on risk mitigation and remediation efforts.
* Work closely with IT and wider stakeholders to promote and adopt security best practices and maintain the organisation’s security posture.
* Oversee the implementation and maintenance of security controls across the organisation to protect our valuable assets.
* Engaging with external third parties who provide services to ElectraLink and working closely with the Supply Chain Management Team to ensure appropriate and contracted levels of security are met.
* Work closely with IT and third parties that manage our customer solutions to ensure that critical security controls are in place.
* Act as the information security lead on relevant projects and initiatives undertaken by ElectraLink, providing information security subject matter expertise and working closely with associated SMEs to ensure projects are delivered in compliance with policies and standards.
* Conduct security assessments (internal and external with relevant suppliers) and ensure compliance and best practice is adhered to.
* Support the Head of Compliance and Data Privacy driving the Information Security strategy.
* Develop and coordinate incident response plans, lead on investigating suspected and actual security incidents, produce reports with recommendations and ensure any remedial action is taken, and lead post-incident evaluations to improve future security.
* Work with Head of Compliance and Data Privacy to investigate suspected and actual data breaches in accordance with the Data Breach Procedure, produce recommendations and ensure any remedial action is taken.
* Maintain knowledge of emerging information security trends, risks, new guidance, or standards (internal and external), and security enhancing technologies, communicate and manage current and emerging security threats.
* Advise on and manage implementation of security controls against industry standards such as the NIST Cyber Security Framework, ISO27001/2, SOC2, etc.
* Work with Business Improvement and IT to maintain appropriate information security certifications, including Cyber Essentials Plus and ISO27001.
* Deliver security awareness training.
What youll need
* 3 years+ proven experience as an Information Security Manager
* Industry certifications such as CISSP, CISA, CISM or ISO 27001 Lead Implementer are highly valued.
* Strong experience and understanding of information security frameworks and policies such as ISO 27001
* Clear communicator, in person and written, with the ability to clearly articulate ideas to both technical and non-technical audiences.
* Must be capable of working pragmatically and efficiently in both a team and alone.
* Experience developing information security policy documentation, working in line with best practice principles for information security.
* Experience of conducting information security based investigations and the management of such inquiries.
* Experience of working within or alongside an MSSP or SOC provider.
* Self-motivated, highly proactive, and an ability to lead on the end-to-end delivery of projects.
* Effective prioritisation and organisational skills, ability to manage multiple competing priorities in a fast-paced environment.
* Maintain and constantly enriching knowledge of information security and cyber risks as they develop.
Your key relationships in this role
Person / TeamNature of Relationship
Head of Compliance and Data Privacy: Line manager. Working together to drive the Information Security Strategy.
IT Team: Work in partnership with team members to manage security posture, but also ensuring that this team work to the required security standards.
Key third party suppliers: Work in partnership with team members to manage security posture, but also ensuring that this team work to the required security standards.
ElectraLink employees: Providing technical security expertise in a collaborative manner with all staff. Education and training on security and being able to objectively assess compliance with policies by staff, including conducting confidential investigations into potential policy breaches.
What we offer:
* Hybrid/flexible working including a four-day week!
* Private healthcare for you and your family which includes pre-existing conditions
* Employee Assistance Programme, Mental Health Cover and trained colleagues acting as Mental Health First Aiders (MHFAs)
* Company bonus and annual pay reviews
* Annual training budget and quarterly reviews to support your professional development
* Electric vehicle salary sacrifice scheme
* 50% off Fitness First
* Monthly social events organised by our Social Committee
* Open lines of communication throughout the business- your voice matters!
* Regular Employee Forum meetings to gather suggestions from the business on making ElectraLink an even better place to work!
* Innovative and open to new ideas to support our net-zero status
* Exciting, innovative and fastmoving company which is growing
* High challenge, high support working environment
Ready to apply?
We can’t wait to meet you. Get in touch with our recruitment team today!
J-18808-Ljbffr