ghd603 - Information Security Manager - 6 months fixed term


Posted: 14/02/2020 16:09
Start Date: Not Available
Salary: Competitive Salary
Location: Leeds Office
Level: Standard
Deadline: 27/03/2020 23:59
Hours: 40.00
Benefits: Competitive Benefits
Job Type: Fixed Term Contract

 

What’s the Job?

The primary role of the Information Security Manager is to establish and enforce security policies to protect information systems and data.

The role's mission is to minimise and contain risks and threats across the enterprise environment, and to manage the process of gathering, analysing and assessing the current and future threat landscape. The Information Security Manager will be responsible for proposing changes to existing policies and procedures, and for ensuring operating efficiency and regulatory compliance.

The role will also provide security communication, awareness and training for audiences, which may range from senior leaders to field staff.

 

What will I do?
 

  • Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
  • Develop a security programme that addresses identified risks, regulatory compliance gaps and business security requirements
  • Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT department
  • Assist business leaders and IT staff in understanding and responding to security audit failures reported by auditors
  • Work with the Director of IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security programme
  • Provide support and guidance for legal and regulatory compliance efforts, including audit support
  • Consult with IT and business leaders to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software
  • Recommend and coordinate the implementation of technical controls to support and enforce defined security policies
  • Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment
  • Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements
  • Produce and deliver security training material
  • Plan and execute penetration tests
  • Assess the organisation’s infrastructure and data to identify vulnerabilities caused by weaknesses or flaws in software and hardware that could expose the infrastructure to a security breach
  • Advise on implementation of Business Continuity and Disaster Recovery Planning

 

What skills and qualities will I need?

  • A minimum of seven years of IT experience, with five years in an information security role
  • The ability to design, implement and manage a comprehensive security solution within a medium- to large-sized, multi-site, multi-country enterprise is an essential requirement of this new role
  • Experience working with legal, audit and compliance staff.
  • Experience developing and maintaining policies, procedures, standards and guidelines.
  • A strong understanding of the business impact of security tools, technologies and policies.
  • Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision.
  • Experience with common information security management frameworks, such as Sarbanes-Oxley and International Standards Organisation (ISO) 27001
  • Strong knowledge of security principles and practices across one or more technologies such as firewalls, routers, intrusion detection systems and network management systems
  • Strong communication skills (written, oral, presentations) while maintaining an ability to talk in layman's terms about security. Ability to provide technical security leadership and act as an agent for constant improvement in the company's security plan.
  • Security-related certification such as CISSP, CISA or CISM
  • Experience of data protection and data privacy policies

 

 

 


