Information Security Manager

Information Security Manager - £70,000 PA

Path to CISO

Birmingham

Information Security Manager sought by a well-known and public-facing organisation with numerous sites spread across the county. The business is involved in significant, complex and critical logistical operations.

As a public-facing, Critical National Infrastructure business the Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business.

Reporting directly to the Head of IT, this role carries responsibility for ensuring appropriate cyber security controls, working alongside internal teams (including outside of IT), helping to ensure ongoing best practice and compliance.

The role will suit an individual with a strong background in Information Security Management (including those with backgrounds focussed on Compliance, Risk, or Threat / Vulnerability Management). This role offer genuine career progression opportunities into a CISO level role.

Responsibilities:

* Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business.

* Working closely with the Head of IT in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap.

* Conducting assessments and audits (responding where necessary), in relation to security threats, risks, capabilities and maturity.

* Keeping up to date with relevant security legislation / methodologies / standards and appropriate regulatory frameworks (including GDPR and ISO27001)

* Management of a third-party Security Operations Centre.

* Promptly deal with any security incidents, including overseeing technical solutions.

* Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing.

Required Experience:

* Experience in an Information / Cyber Security focussed role involving management of strategy and oversight in the deployment of security controls.

* Extensive experience with GDPR and data protection, together with extensive knowledge of IS standards including ISO and NIST.

* Security assessment frameworks ( threat modelling, controls assessment, risk assessment )

* Relevant qualifications; CISSP, CISM or similar.

* Understanding of TOGAF methodology would be beneficial, although is not a requirement.

* Ideally you will have experience setting up and running of SOC services ( either internal or SOCaaS ), although again, this is not a requirement.

The role offers excellent benefits, including flexible working and one of the UK's leading pension schemes.

Location; Birmingham (hybrid working environment)

CTC Clearance will be required.