Information Security Manager
Location: UK - remote/home-based.
Salary: £55,000
A blue chip organisation is seeking a talented Information Security professional to manage Information Security policies within their business. The role is a combination of Information Security maintenance and auditing to ensure the protection of all the information/data and technical assets supporting the business.
You will ensure there are appropriate controls in place (Policies, Standards, Procedures, Processes, and Guidelines) and auditing to determine compliance against these controls. As such, the role will help shape the security culture within the organisation.
You should be passionate about embedding information security into the daily operations of an organisation, possess strong risk management skills, and have a working knowledge of ISO 27001.
Responsibilities:
1. Implementation of policies to ensure compliance with Information Security protocols
2. Ensure the company maintains their IS status
3. Provide expert advice to the wider business on Information Security policies and measures
4. Continually monitor the effectiveness of information security policies and promote improvements when necessary
5. Conduct staff training into information security awareness
6. Ensure that the business is compliant with all relevant Information Security Policies and standards
7. Undertake risk assessments on information security controls
8. Work with project teams across the business in relation to information security
9. Ensure the company maintains their Cyber Essentials certification
10. Completion of client infosec audits
11. Manage security incidents
12. PCI DSS assessment
Applicants should meet the following criteria:
1. An experienced Information Security professional with strong technical skills who is happy to ‘roll up their sleeves’ and dive into the day-to-day work as well as the high level.
2. Strong experience of information security standards; ISO27001
3. Experience of undertaking Information Security risk assessments
4. Strong interpersonal skills with the ability to work with stakeholders across the business
5. Someone who understands how information security fits into a company commercially - balancing best practices with the reality of a business.
6. A skilled communicator who can articulate infosec training to the business in an engaging and accessible way.
For a confidential discussion please forward your CV. #J-18808-Ljbffr