An Information Security Manager (ISM) is required for 12 months (likely to be extended) based in North Hampshire.
As Information Security Manager, you will play a key part in keeping the business's data and its customers' data safe and secure. You will oversee all activities that provide authorised access to information and protect the confidentiality and integrity of information, and use information security risk assessments and internal audits to build upon the information security framework.
As the ISM, you will:
- Lead the development and implementation of the information security strategy and maintain compliance with the required security frameworks.
- Provide proactive and pragmatic advice as the subject matter expert to support and give guidance to project teams and other business areas in relation to Information Security.
- Ensure change initiatives incorporate information security requirements.
- Manage the penetration testing strategy and vulnerability assessments.
- Evaluate security incidents and determine what technical response is needed as well as coordinate with incident response teams when sensitive information is breached.
- Carry out proactive risk assessments for all systems, ensuring effective controls are in place for areas presenting significant information security risk.
- Communicate risks and recommendations to senior management in non-technical, cost/benefit terms to ensure security of information systems.
- Lead and initiate activities to create Information Security awareness, along with ongoing best-practice awareness activities.
- Support legal and compliance efforts as required e.g. Data Protection Act and assist with any response to security assurance questionnaires from external parties.
- Keep abreast of current and emerging security threats, technologies and legislative changes.
Experience and Qualifications
- Bachelor's Degree in Information Technology, Business, Engineering or related field, Master's Degree Preferred (MIS) or suitable relevant experience.
- Preferably CISM Certified (Certificate in Information Security Management)
- Financial Services and information security and data protection experience
- Project management experience
- Deep understanding of operational process interactions and the complex financial services environment
- Customer orientation and quality as a guiding principle
- Excellent intercultural skills
- Strong analytical and conceptualization skills. Strong ability to structure, illustrate and/or communicate complex concepts in an understandable, practicable manner.
- Knowledge of common information security management frameworks, such as ISO 27001 or NIST
- Experience in IT security standards and IT landscape design
This role is to start ASAP and will pay around £595 p/d Umbrella (inside IR35).
Contract, Full Time
- Industry Sector: Other