Harvey Nash

IT / Information Security Manager

Posted a month ago by Harvey Nash

  • Leicestershire, East Midlands
  • Permanent
  • hybrid working, benefits
  • £63,000 to £70,000 /Yr
  • Standard
  • Expired - 12 days ago

As an Information Security Manager, you will be responsible for defining and embedding best practice information security policies, standards and processes based on ISO27001 / NIST Cyber Security Framework (CSF).

Benefits include:

  • Hybrid working (3 days/wk onsite)
  • Competitive Pension
  • Flexible Benefits Package

I am keen to speak to any Info Sec Managers or Specialists looking to move into more responsibility with experience of the Financial Sector, with an understanding of the NIST Cyber Security Framework & ISO27001. Relevant certifications such as CISM or CISSP would be preferred but not essential.

The Role:

You will play a pivotal role in safeguarding the company's critical data assets from evolving cyber threats. You will be responsible for defining and embedding best practice information security policies, standards and processes based on NIST Cyber Security Framework (CSF).

KEY RESPONSIBILITIES:

  • The maintenance and management of an overall cyber and information security strategy aligned to NIST Cyber Security Framework (CSF)
  • The maintenance and management of the Information Security policies, standards and procedures as required in order to meet the legal and regulatory requirements. Continually monitoring the information security controls, KRIs/KPIs and technical landscape.
  • The maintenance and management of the Company-wide cyber incident response plan including test runs as required. These would be linked to existing plans such as DR and BCP.
  • Manage third-party information security vendors. This includes performing due diligence on third-party vendors, managing vendor contracts, and ensuring that vendors meet the Company's security requirements.
  • Conduct audits and regular vulnerability assessments of the IT infrastructure to identify and mitigate potential risks or security breaches, including penetration testing.
  • Champion security awareness training. This includes developing and delivering security awareness training to all employees and promoting a culture of security.
  • Chair and lead the Information Security committee

Requirements:

  • Educated to degree level, preferably in Information Technology, or holding relevant industry certifications such as CISM or CISSP.
  • Expertise in risk management methodologies such as NIST or ISO27001.
  • Proven experience in managing and maintaining IT security systems and infrastructure.
  • Broad knowledge of networking protocols, firewall configurations, and system administration.
  • Broad knowledge of cloud computing platforms and virtualisation technologies.
  • Excellent written and verbal communication skills with the ability to present security requirements to a technical and non-technical audience.
  • Excellent leadership and communication skills, with the ability to effectively collaborate with stakeholders at all levels.

This is an East Midlands-based role and only candidates who can comfortably commute to the East Midlands 3 days per week can be considered. This role would suit an Info Sec Manager or an Info Sec Specialist looking to move into greater responsibility.