Our client, who delivers high-quality, low-cost pension schemes open to all, is looking for an experienced Information Security Manager to join its Risk & Compliance Directorate.
The Information Security Manager will report into the Head of Information Security and is responsible for ensuring that our client's third-party suppliers meet the organisation's security risk profile and business requirements, including legislative and regulatory obligations.
You will be able to assess the security posture of third parties and will design information security controls for the business and its suppliers. Working across all internal departments, programmes, projects and initiatives, the Information Security Manager will provide oversight and support to them in procuring third-party suppliers.
To be considered for this role, you must have:
Practical experience working with third-party suppliers to audit and evidence compliance with security policies, standards etc.
Practical experience using ISO 27001/2, NIST CSF and other security standards in the design and management of information security controls.
An understanding and experience of various Information Security domains including Security Architecture, Information Security Governance, Network Security, Data Protection, Risk Management, Identity & Access Management, Vulnerability Management, Anti-Malware, Mobile Device Management and Cloud Security
Experience of working within Financial Services would be very welcome
Teamworking skills, capable of collaborating with 3rd Party Information Security teams, internal Information Security team members, members of other teams in the organisation and various dynamic resourcing options (e.g., contractors and consultants) when necessary
Capable of managing multiple tasks/projects
Be able to explain complex information security requirements using clear and unambiguous language with business audiences, alongside demonstrating influencing and negotiation skills
People-management skills; capable of coaching and mentoring junior team members
The successful Information Security Manager will have appropriate security certifications such as CISSP, CISA, CISM and ISO 27001 Auditor/Implementor certification (or significant recent progress towards such certifications). You may also be educated to degree level or equivalent (ideally in a security or computing related discipline).
Sitting at the heart of the organisation, you will be helping the functions across the organisation implement information security processes from the outset within their projects and key initiatives.
The role offers a unique opportunity to shape the future of an organisation facing unprecedented challenges and, for the right candidate, huge rewards.