Information Security Manager

identifi Global Resources,
Milton Keynes, Buckinghamshire
Salary: £40,000 - £49,999, £50,000 - £59,999, £60,000 - £69,999

Overview

INFORMATION SECURITY MANAGER
Milton Keynes – Salary dependent on experience

The Company

Our Client is an award-winning software company that develops and retails bespoke greenfield software to some of the world's most reputable organisations. Our Client has a global presence with offices across Asia Pacific, Europe and the USA. Our Client's UK headquarters is based in Milton Keynes, considered the technology hub of the United Kingdom.

The Role

Reporting to the Group CISO, the Information Security Manager will be responsible for implementation and control of the information security programme throughout the group, as well as providing direction and ownership of information security, risk and compliance management in relation to people, process and technology. You will manage Infosec technical staff to achieve programme goals in line with the business strategy and information security industry best practice.

Responsibilities include:

Responsible for the implementation of the information security programme and risk management framework to ensure that information assets across the organisation are used, managed and protected in accordance with applicable legislative and regulatory requirements.

Responsible for the creation and implementation of the group roadmaps to address gaps resulting from all current state assessments to support improved security maturity.

Collaborate with the Group CISO in the development and implementation of appropriate information security and privacy policies, processes and other resources, ensuring all resources meet applicable legislative and regulatory requirements.

As subject matter expert, undertake due diligence and compliance monitoring of relevant third parties to ensure that Company information security and data privacy requirements are complied with.

As subject matter expert, lead the incident response mechanism to allow the organisation to respond to information security incidents in a timely, proportionate and effective manner, and to monitor and report on any such incidents.

What We Are Looking For

A very strong working knowledge of information security standards and best practice such as SOC, ISO 27001, 27002, 27017 and 27018.

Very strong experience of Infosec consultancy within a commercial environment.

In-depth knowledge of PCI DSS (desirable but by no means essential).

Professional certification such as CISSP, CISM, CISA or other Infosec credentials.

Technical Skills

Understanding of security tools: IDS/IPS, patching, vulnerability management, SIEM, penetration testing and remediation.

Secure software development best practice against OWASP Top 10.