Senior Information Security Manager required for one of Glasgow's most prestigious professional services firms, in a permanent role.
The organisation operates across a number of countries and is in the process of reviewing all of its business services offerings. This role sits within the wider Security function, and you are likely to be an experienced InfoSec Manager who still holds strong technical, security governance and risk knowledge.
This is a pivotal position across the organisation, and you will report into the CISO of the business, while both managing a team and being responsible for a robust information security framework. You will manage a team of 5 Security Engineers across two locations (different countries) and will need to have a background in looking after a small team. However, the key part of this role is having strengths across Governance and Privacy, as well as security governance/risk. Cyber Essentials knowledge and ISO 27001 certification would be an added bonus.
With the governance focus, you will still be heavily involved in projects and the delivery of these, alongside the setting of roadmaps and policies. It definitely still has a "hands-on" feel. Lastly, due to the nature of the business, you will be involved in both internal and external audits of clients. Having a professional services or consultancy background would come in handy.
The company you will be joining is undertaking large-scale business change, and there is plenty of work to be done now and moving forward. They treat their employees extremely well and have continued to grow over the last 5 years. They are looking for someone who can get into the Glasgow office, ideally a few times a week.
Key Skills and Experience:
1. A number of years as a Senior Information Security Professional, either as a Manager or senior member of a team
2. Ability to implement and maintain an information security governance framework such as ISO 27001 and NIST
3. Ability to lead the infosec risk management processes, including Enterprise Risk Management Framework, Information Security Management System and NIST practices
4. Certifications such as CISSP, CISM or CRISC
5. ISO 27001 Lead Auditor or Implementer
6. Strong knowledge of information security principles, best practices, and standards
If this role is of interest, then please apply or call Hamish at Cathcart Technology for a chat.