Information Security Manager (GRC)
I am working with a client based in Central London who is looking for a Information security manager to join their information security team. This is a fast paced environment where you will be exposure to different environments and gain further experience within this field.
The individual will have ownership of all aspects of information security risk, compliance, and governance
Experience
- Assess and manage information security risks associated with changes, projects, third-party vendors, partners, and information assets.
- Client/Customer Security Questionnaires. Experience responding to Client/Customer Security Questionnaires regarding security posture of company.
- Security Risk. Experience with security risk management, inherent risk, residual risk, risk matrix, risk statements, risk register.
- Technical Understanding of Security Controls and implementation. Very good technical understanding of security controls including implementation of ISO27001, PCI DSS, Cyber Essentials also experience of SOC 2 Type II audits, security certifications. The ability to speak clearly about security controls to the business in simple terms.
- Communication. Excellent oral and written skills to internal staff of all levels, senior stakeholders.
- Respond to client security questionnaires, RFP/RFI's, and audit requests.
- Perform third-party security vendor diligence, liaise with business stakeholders to perform assessments and identify risk and monitor activities of existing vendors.
- Ability to manage and lead a small team
- Respond to and maintain the GRC service queue (ServiceNow) for tickets escalated to the team.
Education
- Strong understanding of information security best practices, regulatory requirements, and industry standards (ISO 27001, PCI-DSS, SOX)
- Bachelor's degree - whether in Information Security, Computer Science or related areas.
- Industry recognized certification in security such as, for e.g., CISSP, CISA, CISM, CRISC, ISO27001).
This is a permanent role based in Central London, the role does offer hybrid working which includes attending the office on a weekly basis as well as some remote working. The salary on offer is £75,000 - £85,000 dependent on experience. The client will only consider those who have the right to work in the UK and will not provide any sponsorship.
Please note you will receive an automated response advising you that we have received your CV.
Morgan Philips Group is a global talent solutions business that disrupts conventional thinking in executive search, recruitment and talent consulting. We operate in over 18 markets in Europe, North & South America, Asia, and the Middle East & Africa. We understand that the future is digital and social, so we embrace the latest technology, including video ads and CVs, as well as social recruiting. Our innovative services are tailored to the new world of work yet we do not lose sight of the fact that employees be they existing and potential are ultimately human beings.
We are committed to ensuring that all job applicants are treated equally, without discrimination because of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.