Information Security Manager

Information Security Manager

Are you ready for an exciting new challenge in your cyber security career? Our client is looking for an Information Security Manager to join their Information Security governance and oversight team.

This technically focused role involves delivering Information Security services such as consultancy, assurance reviews, and risk management while providing governance and oversight across the business to manage security risks effectively.

Key Responsibilities:

1. Implement and maintain security control frameworks such as ISO27001 and PCI-DSS.
2. Lead governance, oversight, and assurance on technical security controls and design.
3. Act as an Information Security consultant, ensuring security standards are met in key business projects.
4. Develop and maintain technical security patterns and standards.
5. Lead and mature penetration testing and other security testing programmes.
6. Conduct assurance reviews and assessments, including third-party evaluations and new solutions.
7. Assess security risks, proactively developing countermeasures.
8. Perform security risk assessments for change management, processes, and new solutions.
9. Monitor emerging security threats through external research and internal engagement.
10. Enhance information and cyber security maturity across the organisation.
11. Deliver security awareness initiatives and promote best practices.
12. Support the Information Security Incident Response team when required.
13. Ensure compliance with relevant standards and regulations.

What We're Looking For:

1. Strong background in cyber and IT security.
2. Experience with Microsoft security technologies, including endpoint security and Azure.
3. Proficiency in security controls and frameworks, particularly in cloud security.
4. Hands-on experience with vulnerability management.
5. Ability to translate security frameworks and standards into detailed control requirements.
6. Experience conducting assurance reviews and identifying security gaps.
7. In-depth understanding of ISO27001, PCI-DSS, and other security frameworks.
8. Strong communication skills, able to explain complex technical concepts to non-technical audiences.
9. Excellent stakeholder management and relationship-building abilities.
10. Analytical mindset with great attention to detail.

Qualifications & Experience:

1. Extensive experience in Information & IT Cyber Security.
2. Proven track record in managing and improving penetration testing programmes.
3. Experience working in an Agile change environment.
4. Recognised security certifications such as CRISC, CISM, or CISSP.

Benefits:

1. Flexible home or office-based working.
2. Be part of a forward-thinking organisation that values innovation and security excellence.
3. Opportunity to make a real impact.
4. Supportive and collaborative work environment.

If you're looking to apply your technical expertise in a dynamic environment and shape a strong security culture, we'd love to hear from you!

Interested? Please Click Apply Now!