Job Purpose We at Cadent Gas ,are looking for an Information Security manager to join our amazing Security Program ,SecOps27, This programme modernises operational technology, integrates IT and operations teams, and uses evolving technologies to keep our assets secure.The hired person will ensure the successful delivery and management of security activities within budget. along with developing and implementing compliant security services, driving exceptional customer service, and utilizing data to improve performance with objectives and health and safety measures to reduce risks.Key Responsibilities • Cyber Security Assessment and Policy Development: Responsible for evaluating Cadent's cyber security posture and developing policies and plans to mitigate risks, enhancing the company's security within the risk appetite set by the Executive leadership team. • Policy Implementation and Information Protection: Ensure the implementation of policies and standards that protect the confidentiality, integrity, and availability of all information owned or processed by Cadent, across all formats and states. • Control Framework Management and Strategy Definition: Manage the Cyber Security control framework, assign relevant controls to functional team leaders, conduct audits, and define strategies, policies, processes, and guidelines for managing cyber security controls across Cadent’s networks, systems, and data. • Risk Assessment and Framework Alignment: Conduct cyber risk assessments, process maturity reviews, and control testing, monitor and report on cyber risks, and collaborate with the Central risk team to ensure compatibility with the corporate risk framework.Skills and Experience • Bachelor's degree in Computer Science or a related field. • Preferred: Information Security certifications such as ISO 27001 Lead Auditor, CISSP, or CISM. • Expertise in IT and security controls with a proven track record in developing, implementing, and managing security policies and strategies across enterprise networks. • Experience in conducting third-party security risk assessments and reviews. • Proven ability to deliver compliance programs for regulatory frameworks such as ISO 27001, SWIFT, and PCI DSS, with demonstrable competency. • Strong knowledge of Cyber Risk methodologies and frameworks, including the NCSC Cyber Assessment Framework. • Significant experience in defining and adapting security processes and controls to address emerging threats and vulnerabilities. • Thorough understanding of IT and security controls, network security principles, and cyber security within cloud environments (Azure, AWS, Salesforce). Cadent Gas Ltd