Information Security Manager
Information Security Manager - Permanent Position - Sheffield Based but remote working initially
My large client in the finance sector is currently looking for an Information Security Manager to join them on a permanent basis in their offices in Sheffield. You will work as part of a medium-sized Information Security Team and take responsibility for defining and embedding best practice information security policies, standards and processes based on ISO 27001, NIST Cyber Security Framework (CSF), Cyber Essentials Plus, UK HMG Security Policy Framework and Government Functional Security Standard (GovS:007).
In this role you will lead, advise and enable technical teams to make security decisions and provide advice and guidance, ensuring the effective use of common tools and patterns.
Your main responsibilities will include:
- Implement ISO 27001 framework and Information Security Management System (ISMS).
- Develop a complete set of corporate Information Security policies and standards and continually monitor the information security controls, KRIs/KPIs and technical landscape.
- Lead on compliance reviews, certifications and accreditations (e.g. ISO 27001, Cyber Essentials, GDPR).
- Implement effective and appropriate GRC controls and measures to protect systems and data.
- Identify, communicate and manage current and emerging security threats with relevant stakeholders.
- Develop Information Security compliance frameworks, security policies and procedures, where necessary.
To be the right candidate, you will have:
- Comprehensive understanding of Information Security Frameworks (e.g. ISO 27001, NIST CSF, GovS 007 and Cyber Essentials) and the UK Data Protection Act 2018, including GDPR.
- Experience of monitoring and reporting on compliance with security and data protection policies, as well as the enforcement of policies.
- Working knowledge of Security Architecture and the potential security issues related to PaaS, IaaS and SaaS, and an understanding of IAM and Data Loss Prevention in a Microsoft Azure environment.
- Knowledge of security technologies such as IDS/IPS, vulnerability testing and Firewalls.
Relevant Qualifications (Beneficial):
- Degree qualified and/or MSc Information Security.
- CISSP, CSSP, CISM, Cybersecurity or similar certifications.
- ISO 27001 Lead Implementer or Lead Auditor certification.
What is on offer:
- Competitive salary + up to 10% bonus earning potential (paid annually)
- 15% employer pension contribution and 3% employee pension contribution
- 30 days annual leave plus bank holidays
- Buy and sell holiday scheme
- Health cash plan
- Flexible working
If interested, apply NOW for immediate consideration.
We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender reassignment, marriage and civil partnerships, pregnancy or maternity, or age.