Who we are looking for
An Information Security Governance Manager, who will manage systems and processes that will enable the Business to maintain an effective information security policy and assurance framework.
Reporting directly into the Head of Information Security Governance, you will focus on managing a team of Information Security Auditors, covering ISO27001 and Payment Card Industry Data Security Standards (PCIDSS), to ensure that we meet our regulatory compliance requirements.
You will be a contributor and a champion of the Business culture, focussed on driving success within the team. You must be confident and have trust in the team, but also implement an appropriate level of governance to ensure success.
This role is eligible for inclusion in the Company’s hybrid working from home policy.
Preferred skills and experience
* ISO27001, PCIDSS and ISO9001 Auditor qualification.
* Strong analytical and problem solving skills.
* Ability to manage multiple audits simultaneously.
* Ability to evaluate the effectiveness of policies and procedures.
* Knowledge of relevant security frameworks such as NIST, ISO27001 and PCI DSS.
* Strong written communication and documentation skills, with the ability to produce clear, concise and detailed reports.
* Ability to clearly convey information to all stakeholder levels.
* Confident in presenting ideas and solutions.
* Excellent organisational, administrative and time management skills.
Main Responsibilities
* Preparing for the ISO27001 audits and the annual compliance audits for the UK Gambling Commission, alongside any other audits that have an information security component.
* Assisting other teams in their audit requirements.
* Ensuring information security controls are followed and continually evaluated throughout the Business.
* Creating, managing and ensuring appropriate review of all information security policy documents and offering innovative control solutions.
* Demonstrating awareness and initiative whilst communicating with peers and management.
* Contributing as an active team member in projects, BAU activities and consulting information security matters throughout the Business.
* Advising junior team members.
* Maintaining knowledge of current and emerging requirements, regulatory changes and trends.
* Learning, actively sharing knowledge and fostering exchange of skills whilst identifying opportunities to enhance compliance.
* Updating and extending team processes as necessary to accommodate Business needs.
“By applying to us you are agreeing to share your Personal Data in accordance with our Recruitment Privacy Policy - “