Information Security Manager

  • Management
  • London

Information Security Manager – Central London with Flexible Working

We are delighted to bring to market an exclusive role with a truly fantastic client in central London, with current remote working options which will become a flexible working setup post-Covid. We are looking for an experienced Information Security Manager to help develop and outline all information security policies and procedures across a global estate. This is a role that requires someone capable of delivering from day 1 who has previous experience of leading security management from inception to delivery.

The role will have plenty of externally facing responsibilities, so we are looking for candidates with exemplary stakeholder engagement skills who can bring people on the journey with them.

Main duties and responsibilities

  • Build strong, collaborative relationships with the organisation's technology teams to ensure that the agreed information security controls are understood and implemented effectively.
  • Develop a network of effective partnerships across all departments in order to maintain a regular dialogue about information security, making information security part of everyday conversations.
  • Introduce an information security engagement process (front door) to ensure that the security team is easy to approach and that all requests for security advice and assistance are channelled centrally and can be prioritised, tracked and delivered in a timely manner.
  • Provide advice and support to all areas of the organisation in relation to information security principles and application of controls.
  • Promote/explain the agreed information security controls to technology and non-technology staff to ensure that they are correctly interpreted.
  • Ensure that the security risk assessment process is embedded within the company's solution design, software development, project and change processes.
  • Plan and conduct security risk assessments of new and existing systems, prioritising work according to business criticality and types of data involved.
  • Work closely with the Operational Security Manager to understand emerging threats and vulnerabilities.
  • Work with relevant parties to manage the remediation of issues.
  • Identify security risks and submit them to the risk management process.
  • Prioritise, plan and conduct cost analysis for future security services/initiatives to help deliver the information security strategy and roadmap.
  • Provide line management for one or more security team members.
  • Mentor and coach more junior colleagues and provide support to peers.
  • Contribute to the information security strategy by identifying additional services to meet the needs and facilitate best practice security.
  • Assist the Operational Security Manager and IT Services in responding to and managing security incidents.
  • Work with technology teams and across the organisation to ensure that vulnerabilities are mitigated according to priority in a timely manner and that residual risks are accepted appropriately and recorded in the security risk register.
  • Assist with security audits, including those conducted by external parties.
  • Support legal and compliance efforts as required, e.g. the Data Protection Act, and assist with any response to security assurance questionnaires from external organisations.

What we are looking for

  • Previous experience in an Information Security management role or senior lead role will be essential.
  • Strong knowledge or certification in a security-related subject, e.g. CISSP, CISM, CISA or similar.
  • Excellent working knowledge of ISO27001 or at least one other security framework such as NIST.

  • Experience managing security initiatives from conception to completion.
  • Good working knowledge of IT infrastructure including networking, servers and storage, VPN and desktops across different operating systems, i.e. Windows, Mac, Linux.
  • Proven ability to articulate security risks and control techniques to different audiences, verbally and in writing.
  • Ability to translate security findings, risks and recommendations into clear and engaging reports that enable information owners and custodians to make informed choices about security risks.
  • Strong interpersonal skills.
  • A confident and engaging communicator able to adapt to different audiences.
  • Able to educate about information security in a sensitive and effective manner.

It would be beneficial to be able to demonstrate experience in the following areas:

  • Conducting information security risk assessments.
  • Providing contextual security advice with accuracy and consistency.
  • Contributing to security policies and controls.
  • Recommending technical and procedural controls to mitigate risk.
  • Ensuring regulatory compliance, particularly Data Protection.
  • Leading or supporting security incident response.
  • Third Party Security Assurance.

If you feel you can demonstrate the required skills and are looking for a fantastic career opportunity, then get in touch for an initial chat. We are able to offer a strong starting salary coupled with market leading benefits and very flexible working options.

Tagged as: Reed Sec. Mgr.
