Information Security Manager - part time, 3-4 days - £60k FTE
My client is looking for an Information Security Manager to join them on a part-time basis (3-4 days per week), based at their Bath site or fully remote, for £60,000 FTE + 15% bonus.
This role focuses on managing the over-arching information security strategy, communicating InfoSec goals and change activities to the wider business, and driving general alignment with ISO27001 principles for confidential data.
My client is a growing Financial Services firm based in Bath. They are looking for an Information Security Manager to join them on a part-time basis (3-4 days p/w); the role can be fully remote if required.
- Maintain and manage the over-arching information security strategy, specific strategies and a programme of enhancements
- Build and enhance a partnering relationship with other business areas and external stakeholders
- Drive general alignment with ISO27001 principles for the management of our most confidential data
- Maintain InfoSec policies and procedures in line with risk appetite and good practice
- Run periodic internal risk assessments with representatives from all areas of the business
- Maintain internal risk and control register, with general alignment to ISO27001 where in scope
- Log all operational incidents, agreeing and following up on remedial activities
- Maintain awareness of the relevant regulation and legislation, e.g. ISO27001, ISO9001 standards (and other information governance standards)
- Maintain awareness of a broad range of technologies including common vulnerabilities and exploits, with a comprehensive knowledge of security controls
- Define and run information security awareness and training for all staff and provide introductory training for all new staff
- Develop and manage third party supplier security monitoring framework
- Identify and challenge behaviours or activities that contravene risk policies and procedures
- Degree in Technology, Security, Information Governance or a related field and/or validated experience which shows an ability to operate effectively
- Professional security qualifications and certifications such as CISSP, CISM, CISA, ISMS RM, CIS RM, ISO27001 or equivalent experience
- Knowledge of information security, risk and control frameworks such as ISO 27001, 9001, CobiT and ITIL
- Good knowledge of the latest trends in information security and risk management, e.g. evolving technologies, Cyber risk mitigation, etc.
- Demonstrable high degree of initiative and drive to get things done
- Excellent communication skills and numeracy
- Understanding when to escalate issues so that they are handled appropriately within the agreed policies and procedures
- Good relationship management skills with ability to build strong professional relationships with 3rd party suppliers
£60,000 FTE earnings + 15% bonus + fully remote working if required