Information Security Manager


Permanent Position

Salary 80-90k basic + excellent benefits

Our client currently has an excellent opportunity for an experienced Information Security Manager to join their highly respected organisation in the Financial Sector – Central London.

This is a permanent position to implement new information security / cyber security initiatives and strategies.


·Manage the IT Security workstream of initiatives, to improve information security and cyber security within the organisation

·Establish and maintain the Information Security Management System – assessing and reporting IT security, information security and cyber security risks and ensuring mitigating actions are agreed and completed.

·Develop and execute plans to ensure compliance with ISO 27001:2013, GDPR and other legal and security standards as agreed with the IT leadership team.

·Develop and maintain our Information Security Policy and associated policies and procedures – ensuring alignment with IT strategic plans and agreement with the senior management team.

·Report on information security and cyber security status within the organisation: vulnerabilities, risk status, action plans etc.

·Agree standards for ongoing threat detection (both internal and external) and vulnerability assessments, including penetration test procedures

·Work in an advisory capacity to key stakeholders on how to improve and identify cyber and IT risks, and suggest relevant changes to control processes.


·At least 5-10 years' experience in an Information Security Manager / Cyber Security Manager role.

·A few years of the above experience must be from within a highly regulated environment.

·Expert and proven working knowledge of ISO 27001:2013 and GDPR.

·Expertise in IT Security controls and security standards such as ISO 27001, HIPAA and GDPR.

·Strong knowledge in risk management, specifically in developing and implementing risk management frameworks.

·ISO 27001:2013 internal audit qualification is desirable.

·At least one security-focused industry certification such as CISSP, CISM, SSCP or CISA.

·Experience implementing and managing an ISO 27001:2013 Information Security Management System.

·Review and improve previously developed security policies and procedures, subsequently implementing improvements.

The role will require the successful incumbent to be in the office circa 1-2 days per week and the rest of the time will be remote working.

If you feel you have the required experience within a highly regulated environment in an Information Security Manager / Cyber Security Manager role then please forward me a copy of your CV asap, along with your salary expectations.

To apply for this job email your details to