Job Search For Technology Professionals

Information Security Manager

Information Security Manager// Bristol // Multi-award-winning company // £50,000- £65,000 + Great bens

My client – A dynamic and multi-award-winning organisation are looking to appoint a seasoned Information Security Manager to own and drive forward security best practice across the whole business. Best known for their innovation, multiple awards and unique employee culture, they have firmly established themselves as the market leader across the arena they dominate.

A brief insight into the role:

Responsible to the Head of IT for the provision of protective security and information risk management
advice. This includes ensuring that appropriate physical, technical and procedural security is in place.
Ultimately you will own the development / adoption and enforcement of Information Security policies,
procedures and standards across every business area.

Role responsibilities:

•Act as the central point of contact with regards to Information Security
•Take day to day responsibility for protective security for the Senior Information Risk Owner) including making routine accreditation decisions on agreed risk criteria
•Plan, manage and undertake internal and third party audits on IT governance, information security and controls
•Manage risk by reviewing Risk Management Accreditation Document sets and challenge inappropriate design decisions
•Develop Information Assurance across by encouraging Information Asset Owners to build Information Assurance and accreditation into business and project plans
•Provide advice and guidance on necessary physical security requirements required to protect staff, infrastructure, assets and information. Provide recommendations on cost effective improvements based on threat levels
•Coordinate the Incident Management process, ensuring appropriate actions are undertaken by relevant departments. Provide analysis and feedback, identify trends in security breaches and recommend mitigating actions as required
•Assist Information Asset Owners in embedding information risk management within their day to day business. Specifically this will involve supporting the accuracy and completeness of Information Assets Registers
•Provide training and awareness on information assurance ensuring a security culture that is embedded
•Maintain appropriate security measures to guard against unauthorised access to electronically stored and / or transmitted service user data and protect against reasonably anticipated threats and hazards
•Oversee and assist in performing on-going security monitoring or organisation information systems
•Ensure compliance through adequate training programs and periodic security audits – both internal and external in nature
•To identify and recommend actions to manage actual or potential regulatory risks, in order to protect the Company
•Provide regular reports to the Board
•Monitor and evaluate regulatory, legislative and industry-wide developments and provide recommendations for action where appropriate
•Provide ongoing consultancy level support to the Board to enable effective discharge of regulatory responsibilities, e.g. Treating Customers Fairly

You will also:

•Maintain confidentiality and observe data protection and associated guidelines where appropriate
•Act as a subject matter expert on industry compliance requirements, including guidance from regulator bodies (e.g. ICO, Membership bodies and relevant statute (Consumer Credit Act, General Data Protection Regulations)
•Keep up to date the Information Security policies and procedures including breach management and to disseminate new rules/regulations on Information Security to all staff
•Assist with Privacy Impact Assessments on all systems processing personal data from time to time
•Work in partnership with the Head of IT in working towards compliance with ISO 27001
•Manage and facilitate the development and implementation of information security policies, standards, procedures to ensure ongoing maintenance of security is conducted. Information protection, responsibilities will include network security architecture, network access and motoring policies, ensure employee education and awareness
•Implement robust incident response planning as well as ensuring that investigations of security breaches are conducted accordingly. If required assist with disciplinary and legal matters associated with such breaches
•Work with outside consultants as appropriate for independent security audits
•Develop metrics and reports to measure and report the company’s security status
•To promote and adhere to equality of opportunity, anti-discrimination and antioppressive practices

A little bit about you:

•Professional industry-related qualification
•Educated to degree level or equivalent
•Certificate in Information Security Management Principle
•Foundation level of technical understanding of systems and networks – i.e. CompTIA Security+ qualification
•Experience of compliance at senior manager level
•Track record in relationship management
•Experience of the management of Information Security within a large organisation, including the establishment of monitoring
•Extensive knowledge of ISO/IEC 27001
•Provision of specialist advice, knowledge and opinion on issues relating to physical, procedural, and technical (ICT) aspects of Information Security
•Experience of the development of policies to manage Information Security, including external connections trusted and untrusted domains

Benefits include:
•27 Days Annual leave (increases with service)
•12% Pension (non-contributory)
•Private Medical care
•Childcare vouchers
•Annual salary review

By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy

To apply for this job please visit the following URL: →