Information Security Manager Hays are working in partnership with a global software development company. The business has expanded and they are now looking to appoint an experienced Information Security Manager to join their IT team.
Hybrid working with 2 days based in the Nottingham office. An attractive salary of up to £70,000 (dependant on experience).

Your Purpose:
Using your knowledge and experience, you will oversee the companies cyber security, secure development and compliance programme.

• Develop the organisations long-term cyber strategy.
• Work closely with internal stakeholders to advice on best practice when the company undergoes planned changes to technologies, working practices and business activities.
• Act as the companies cyber security advocate to senior leadership, informing stakeholders on information security risks while maintaining a pragmatic outlook on likelihood and impact of the risk and cost/complexity of the mitigation.
• Take ownership the organisations ISO 27001 aligned Information Security Management System (ISMS). Lead on activities related to the maintenance, reporting and continuous improvement of the ISMS.
• Oversee all information security risk management and compliance activities. Undertake systematic reviews of the internal IT environment against current good practice standards and regulatory requirements.
• Lead on development and delivery of security performance measures and metrics to support the systematic assessment, reporting and ongoing improvement of the internal IT environment
• Lead the Information Security Incident Response programme. Define, develop and test the organisations incident response plan, playbooks, and associated processes.

Your Experience:

• Experience in an information security risk management role
• Holds a relevant information security certification, E.g., CISM, CISSP, or a degree in Information security or related field.
• A track record in the management and delivery of transformational security improvements.
• Experience working with relevant industry and regulatory standards for information security and data protection, E.g., ISO27001, NIST CSF / NIST 800-53, GDPR.
• Experience developing and delivering Information Security Incident Response programmes.

What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.