Information Security Manager

Information Security Manager

Passionate about information security and want to be part of one of the fastest growing tech companies?

This is a diverse security team that is responsible for information security across the whole organisation.

The team deal with security alerts and incidents, they select and manage the security systems, carry out security assessments of new technologies, manage security compliance programs and provide security advice and education to all areas of the business.

The role of the information security manager is to monitor and improve the information security risk position through the identification of infosec risks. To produce better processes and policies and the management of security improvement and compliance programs.

The information security manager will act as the deputy to the Head of Information Security and will ensure that they utilises appropriate information security systems to protect its critical assets and continues to stay abreast of cyber-risk activity.

Key responsibilities

• Collate, maintain and follow up on information security risks.
• Define, implement and maintain Infosec best practices and policies.
• Review and monitor existing security controls, help develop new controls and conduct internal infosec audits.
• Assist the sales teams in the production of security tender documents and audit responses.
• Manage the ongoing PC I compliance program and support other compliance programs including GDPR.
• Review Infosec incidents and maintain the Infosec Incident response processes.
• Manage the security testing program.
• Collate and report Infosec KPIs to management.
• Stay abreast of changes in the threat landscape and also latest security technologies and mitigations.

Key Skills

• Broad experience of security management concepts from a number of years working in infosec related roles.
• Excellent knowledge of Infosec governance processes and control frameworks such as ISO, COBIT and SOC 2.
• Security qualifications, CISSP or equivalent.
• Good understanding of the security community, toolsets and knowledge sources.
• Excellent verbal and written communication skills.
• Able to evaluate information security risks in the context of the business and develop strategies that are in line with risk appetite and culture.
• Proactive approach, able to work on multiple parallel activities in a fast-paced environment and adapt quickly to changing priorities.
• Able to build relationships across multiple teams in all divisions.

Networking People (UK) is acting as an Employment Agency in relation to this vacancy.