£60K/yr to £68K/yr
Bristol, England
Permanent, Variable

Information Security Manager

Posted by Sanderson.

Job Title: Information Security Manager

Location: Bristol - Hybrid Working 2 days per week onsite

Salary: £60,000 - £68,000 + benefits

Are you an experienced Information Security Manager looking for your next challenge? If so, this could be the ideal opportunity for you. My client, a specialist services business with an excellent reputation, is currently investing within their Information/Cyber Security team. As part of this investment, they are looking to hire an Information Security Manager to join the team.

Working closely with the IT Manager, you will provide the specialist expertise to maintain and support Information Security strategies by managing the overall Information Security governance and compliance processes, ensuring that effective IT security controls and processes are being implemented across the business.

Key responsibilities

  • Work with the IT manager (ITM) to define and implement an Information Security strategy and Information Security Management System (ISMS).
  • Work closely with the Cyber Security Operations Centre (CSOC) to review the current cyber security posture and prioritise areas for improvement.
  • Proactively manage and develop ongoing annual adherence to current Cyber Essentials standards and annual audit and accreditation.
  • Manage ongoing penetration testing and vulnerability checks, taking ownership of the programme of work to resolve any weakness identified.
  • Develop and implement a Data Loss Prevention strategy, working closely with key stakeholders to drive adoption and compliance within the wider business.
  • Develop, implement and enforce suitable and relevant information security policies, ensuring that these are compliant with the Data Protection Act 2018 and other legislation and regulations related to information security.
  • Develop, implement and monitor an information security awareness and training programme.
  • Provide stakeholder support to technology projects, to advise on security considerations.
  • Provide regular reporting on key management information and progress reports.

Skills and Experience required

  • Proven background within a similar Information Security Officer/Manager position.
  • Proven background within Information Security using proven methodologies with external resources.
  • Information Security certification (CISSP, CEH, CISM, etc.)
  • A strong knowledge of ISO27001 and Cyber Essentials +
  • Systematic problem-solving approach, coupled with a strong sense of ownership and drive.
  • The ability to explain the risk of security threats and create mitigations.
  • A good understanding of GDPR standards and practices.
  • Excellent written and verbal communication skills as appropriate for the needs of the audience.

For more information or to apply please send a copy of your CV to
