We are looking for an Information Security Manager to join our expanding Cyber Security team for a 6 month contact. The Information Security Manager is responsible for providing assurance, management and control of cyber security on behalf of our clients:
Key responsibilities:
- Identifies and reports systemic weaknesses in control effectiveness
- Specifies requirements for cyber Health Checks to ensure identification of vulnerabilities and testing of cyber security controls, and to protect other cyber systems. Manages the resulting remediating controls for the business
- Reports and where applicable investigates security incidents or breaches of security policy in accordance with local procedures and guidance.
- Chairs cyber security working groups
- Represents cyber security on Change Advisory Board
- Manages compliance in area of responsibility with organisational commitments to Codes of Connection with partners
- Contributes to development of cyber security policy
- Maintains the information security risk register ensuring that all known risks are appropriately assessed, and risk treatment plans are in place for all risks assessed to be above the organisations risk tolerance level.
- Ensures that the acceptance of risks by the organisation's senior management is properly recorded.
- Promotes a culture of information security awareness within the organisation.
- Plans and conducts a programme of internal and second-party audits to measure compliance with security policy and associated standards.
- May manage a team of Security Analysts on assigned client engagements
Skills & experience:
Essential:
- Broad technical background in ICT
- ISACA Certified Information Security Manager (CISM) certified
- Strong knowledge and experience with the ISO27001:2013 standard
- Certified ISO27001:2013 Lead Implementer and/or Lead Auditor
- Graduate or similar educational level
- Strong communication skills, both verbal and written.
- Stakeholder management
Desirable:
- ISO 22301 Lead Implementer and/or Lead Auditor certified
- PCI-DSS Internal Security Auditor (PCI ISA) certified
- CESG Certified Professional (CCP) ITSO certified
- ISACA Certified Information Systems Auditor (CISA) certified
- ISC2 Certified Information Systems Security Professional (CISSP) certified
Must be able to obtain Security Check (SC) vetting.
Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.