Information Security Manager & Consultant

  • Consulting
  • London

Information Security Manager & Senior Consultant Split Remote & Office Working (Office in Surrey / London Outskirts) 50,000 – 70,000 This opportunity will see you join a leading provider of world-class IT solutions. Their growing portfolio of services includes cloud, security, licensing, SAM, storage, virtualisation and managed services. This is a dual role provides two key functions to the business: Information Security Manager – responsible for internal data protection requirements and ISO 27001. Senior Consultant – working with customers.

This role is ideal for anyone that has been providing information and cyber security consulting services to customers and is looking for better work life balance. The role will be split 50:50 between being responsible for internal data protection and ISO 27001 for the group & delivering customer consulting. The internal role will be focused on all aspects of data privacy from data privacy notices, data processing impact assessments, legitimate interest assessments through coordinating subject access requests as well as all other aspects of data privacy requirements. The ISO 27001 aspects of the internal role will focus on ensuring compliance with ISO 27001 and coordinating evidence and audits.

This will work cohesively with the requirements of data privacy to oversee IT teams to ensure that business complies with Article 32 and its security and quality measures leading to sustained compliance and successful audit under IASME Governance Audited. The role will also require response to 3rd party security questionnaires under the direction of the Head of InfoSec & Cyber Compliance. Customer consulting will focus on areas of audit and advisory – ISO 27001, PCI DSS (if qualified or if interested in becoming qualified), Information Security Forum Health checks, NIST Cyber Security Framework, CIS Top 20 Critical Controls, and 3rd party assurance activities. Responsibilities: To maintain internal controls and requirements for data privacy, respond to requirements and handle requests across the business.

To oversee requirements for the maintenance of ISO 27001 and IASME Governance Audited. To work with the relevant teams across the business to deliver information security and data privacy services. To assist with helping conduct information and data privacy risk assessments within the organisation. To directly deliver 10 days of Audit & Advisory consulting per month – focusing on ISF Security Health check & Benchmarking, ISO 27001, PCI DSS (desirable), Data Privacy, and general security consulting to customers.

To deliver the requirements of a data protection manager and to advise the organisation on its responsibilities under the Data Protection Act. To interact with the teams for ISO 27001 and ensure that all paperwork and requirements are met for the ongoing maintenance of certification. Interacting with the sales team to ensure that new business is scoped appropriately for delivery of a single engagement. Managing customer engagements and being responsible for the quality / timeliness of all work directly delivered.

Delivering high quality engagements to customers and delivering real value to them. Professional Qualifications Certified ISO 27001 Lead Implementer / Lead Auditor qualification(s) or other relevant information security qualifications Data Privacy certification (desirable) or suitable experience (essential) PCI QSA (desirable) Other Requirements Ability to pass BS7858 / NQA 3000 or HMG SC vetting requirements. Digital leadership skills – capable of motivating individuals to engage in relation to data privacy and information security management. Solid people skills – interacting positively with all levels of personnel, whether internal or from external customers / partners.

Ability to adapt to a fast-moving security landscape and keep pace with latest thinking. Strong customer focus – able to meet the demands of internal and external customers. Excellent communication skills – providing verbal and written communication to Head of InfoSec & Cyber Compliance, Head of Audit & Advisory as well as other stakeholders, including customers. Can make decisions that are well informed and timely.

Has good time management, can handle conflicting priorities, and deliver excellent levels of quality.

Tagged as: Reed Sec. Mgr.

Source:

Before applying for this position you need to submit your online resume. Click the button below to continue.