£55K/yr to £65K/yr
Staffordshire Moorlands, England
Permanent, Variable

Information Security Manager

Posted by Crimson.

Stoke-on-Trent, 2-3 days per week on site

Salary - £55,000 - £65,000 per annum

An Information Security Manager is required to be responsible for leading Information Security, ensuring visibility, understanding and appropriate management of Information Security risks so that the organisation can achieve its strategic and tactical objectives whilst maintaining the confidentiality, integrity, and availability of its information assets. You will mentor a team of three whilst managing internal and external suppliers.

Key responsibilities:

  • Drive the development of effective stakeholder relationships with peers to garner sustained support for the Information Security strategy
  • Manage stakeholder perceptions of Information Security as a valuable investment to optimise our corporate risk stance
  • Ensure that Information Security considerations are an integral part of all investment and outsourcing decisions
  • Manage the creation and maintenance of Information Security policies and governance frameworks that enable informed business decisions to be made on the basis of a clear understanding of Information Security risk
  • Lead and develop the team and its capabilities, aligned to best practice, driving a high-performing, results-driven culture
  • To ensure that all members of the team have a sense of purpose, understand their contribution to the objectives and are empowered to make decisions and add value where applicable
  • Support in the management of the budget with a particular focus on ROI and operational efficiency
  • Champion and enhance the non-functional Information Security requirements embedded within the wider governance framework
  • To support the maintenance and delivery of the security strategy and roadmap, ensuring that it aligns to the overall business strategy and takes account of the future direction of the business
  • To manage security incidents and take a lead on the definition of Disaster Recovery
  • To support the development of the framework and govern the implementation of Business Continuity and Operational Resilience
  • Responsible for maintaining compliance with our selected frameworks and certifications: ISO 27001, Cyber Essentials (and Plus), and PCI DSS
  • Work with the Legal and regulation team to support compliance with UK GDPR and other legal and regulatory obligations

Key requirements:

  • Experience of managing security across all areas and functions of the business and supply chain and across all domains including information security, IT/technical security and physical security
  • Knowledge and expertise in data protection including GDPR and UK data privacy rules
  • Experience of PCI DSS compliance programmes as a key decision maker and subject matter expert
  • Experience of Disaster Recovery and Business Continuity design, planning and execution
  • Experience of working in an outsourced environment, managing third parties to deliver security outcomes
  • Good working knowledge of IT and security governance frameworks such as ISO 27001
  • Technical experience in a cloud environment, specifically Office 365 and Microsoft Azure

Interested? Please submit your updated CV to Lucy Morgan at Crimson for immediate review.

Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers!

Crimson is acting as an employment agency regarding this vacancy. Please visit our website to see Crimson's Privacy Statement, should you wish to view it prior to applying for this vacancy.