Information Security Manager
Posted on: 6th January 2020
Salary/Rate: £40000 - £45000 per annum
About this job
We are looking for an Information Security Manager for our well-trusted client in the Public Sector. The role is a permanent, full-time job. The role is subject to security vetting to SC level (it's OK if you don't have it yet, but you can only start after you've been SC cleared).
To provide dedicated information risk and accreditation management and information systems control expertise to the client and its service delivery partners.
To provide day-to-day information security management and implementation advice, guidance and monitoring of the client's systems information exchange processes and systems data holdings.
To provide expert advice and guidance on the implementation of HMG SPF controls and policies.
The main responsibilities of the post are to:
* Advise on all aspects of information assurance management and assist senior management in maturing our Information Assurance management arrangements.
* Manage and advise on the organization's Information Assurance budget allocation, ensuring value for money requirements are met.
* Ensure the client remains compliant with the minimum mandatory measures of the Security Policy Framework (SPF) and associated HMG Information Security Standards.
* Assist department/division managers and our contracted services providers to remain proactive in assessing and minimizing information security risks and business impacts arising from information processing and ICT services and systems threats and vulnerabilities.
* Author, update and advise on changes to information risk management and information security policies and procedures, as well as oversee their implementation with managers and staff.
* Monitor the effectiveness of our security policies and practices covering physical, procedural and technical controls.
* Act as the internal accreditation support resource, co-ordinating information security work of service providers, suppliers and consultants - e.g. on risk assessments, accreditations and penetration tests.
* Proven experience in a services delivery organisation (public or private sector) in a similar role - examples are:
- an Information Security Officer (ISO)
- an Information Risk Manager
- an IT Security Officer (ITSO)
- an IT security and systems auditor
* Proven ability to assess information systems processes and ICT services and systems threats, vulnerabilities and risks.
* Proven ability to write reports and deliver presentations on information risk management, systems process control, ICT security.
* Proven ability to author information security policies and procedures.
* Experience of managing budgets.
* Experience of managing a team of technical specialists.
* Works and communicates effectively and fluently with managers and staff - able to explain complex technical issues in terms that non-technical managers and staff will understand.
* Industry recognized qualifications relevant to information risk and security management (examples are CISSP, CLAS, CISM, CISA, ISO27001 Auditing).
* Experience of ICT security management, planning, implementation and monitoring.
* Understanding of ITIL service processes and management relevant to information security.
For further details, contact Renata Horvath on +44 131 473 7037 or e-mail firstname.lastname@example.org.