Information Security Manager

White Clarke Group,
Milton Keynes, Buckinghamshire
Salary: From £60,000 to £70,000 per annum

Overview

White Clarke Group is well established as a world-leading provider of end-to-end automotive, consumer and equipment finance software. Last year we won best front office and best back office solution in our industry. We have a great culture and we are a friendly bunch, all reflected in our 4.8 Glassdoor rating.

Requirements of the role

Primary Responsibilities include:

- Responsible for the implementation of the information security programme and risk management framework to ensure that information assets across the organisation are used, managed and protected in accordance with applicable legislative and regulatory requirements.
- Responsible for the creation and implementation of the group roadmaps to address gaps resulting from all current state assessments to support improved security maturity.
- Collaborate with the Group CTO in the development and implementation of appropriate information security and privacy policies, processes and other resources, and ensure all resources meet applicable legislative and regulatory requirements.
- Responsible for raising awareness across the group of the importance of information security through the creation and delivery of appropriate training and other awareness initiatives, to ensure the proper implementation of and adherence to the organisation's strategy and policies, both by staff and relevant third parties.
- As subject matter expert, undertake due diligence and compliance monitoring of relevant third parties to ensure that Company information security and data privacy requirements are complied with.
- As subject matter expert, provide relevant information to allow performance against identified objectives to be monitored, measured, and reported on to the Information Security and Data Privacy Steering Committee and other key stakeholders as needed.
- As subject matter expert, lead the incident response mechanism to allow the organisation to respond to information security incidents in a timely, proportionate and effective manner, and to monitor and report on any such incidents.

Preferred Experience:

- A very strong working knowledge of information security standards and best practice such as SOC, ISO 27001, 27002, 27017 & 27018.
- Very strong experience of Infosec consultancy within a commercial environment.
- In-depth knowledge of global technological trends and developments in information security and risk management.
- In-depth knowledge of privacy laws and standards, though this is less essential.
- In-depth knowledge of PCI DSS (desirable but by no means essential).
- Professional certification such as CISSP, CISM, CISA or other Infosec credentials.

Desirable technical skills

- Understanding of security tools: IDS/IPS, patching, vulnerability management, SIEM, penetration testing and remediation.
- Secure software development best practice against the OWASP Top 10.

Person specification

- Strong communication skills.
- A self-starter, able to work on own initiative, who gains satisfaction from providing excellent service.
- Strong influencing and stakeholder management skills, able to build relationships at all levels.
- Takes ownership and responsibility; works well individually and within a team.
- Good written and verbal skills, able to translate concepts into terms accessible to both technical and non-technical people, and to present them.
- Proactive and highly organised, and able to work in a fast-paced environment.
- Well-developed time management skills and able to be flexible with respect to working hours, according to operational requirements.
- Willing to travel.

This job was originally posted as www.totaljobs.com/job/89768131