We are seeking a Data Protection and Information Security Oversight Manager to join our Governance team. This role can be based in our Cheltenham, Glasgow, Leeds or Liverpool office working on a hybrid basis.
The Information Security Manager will work closely with colleagues in IT and work with the wider business to maintain and enhance our Information Security posture and to retain our ISO27001 and Cyber Essentials certifications.
Responsibilities:
Assist in developing and executing a comprehensive data protection strategy aligned with business objectives and regulatory requirements
Create and maintain data protection policies, standards, training, and guidance notes to ensure compliance with applicable laws and best practices
Provide expert advice and guidance on privacy-related matters, including data sharing, international data transfers, consent management, data subject rights, data incidents, vendor risk management, and privacy complaints
Facilitate the development and on-going maintenance of the ISO27001 ISMS. Work with IT to design and define Data Protection policies. Planning, organising, supervising and where necessary, carrying out (ISO27001) external and internal audits
Assisting with the development and maintenance of the Business Continuity Plan, Cyber Incident Response Plan and Disaster Recovery Plan and any associated testing and maintenance
Ensuring adequate internal action and timely response for data security related incidents
Providing consultancy and guidance to Business Areas regarding Information Security, Data Protection and Legal and Regulatory requirements, including audit support
Assisting Business Areas in understanding and responding to security audit failures reported by auditors
Experience/Qualifications:
Proven experience in Information Security and Data Protection
Understanding of ISO27001 and Cyber Essentials / Cyber Essentials Plus certification requirements
Proven experience in writing and implementing policies and procedures
Experienced Data Protection Officer / Manager
Experience of running an ISO27001 internal audit programme
Experience of managing an information security awareness programme
Benefits Summary
Competitive discretionary annual bonus
Core benefits paid for by BW including life assurance, group income protection, private medical cover and 25 days holiday per year with holiday trading
A generous pension scheme where we contribute 8% of your salary from day one of your employment
Employee Assistance Programme to support you and your family through any concerns or challenges you may experience
A comprehensive range of voluntary benefits to suit your life stage and lifestyle including a tech scheme, cycle to work scheme, dental cover, healthcare cash plan, health assessments, critical illness cover, extension of private medical cover or life assurance to family members, gym membership, travel insurance and a broad range of discounts at hundreds of retailers including supermarkets, fitness centres, travel and leisure companies
Happy to talk flexible working
Accessibility
We are a Disability Confident Employer. If you require reasonable adjustments or want more information on accessibility, please click
Follow Barnett Waddingham on