Information Security Manager
Job Title: Information Security Manager
Job ID: 23938
Job Type: Permanent
An international bank based in Sutton with a long, successful history is currently recruiting a permanent Information Security Manager who will be responsible for the creation and execution of an Information Security Management Framework for the company.
The role will also involve a continual improvement approach to all aspects of Information Security, targeting an ISO27001 accreditation in 2019, close alignment and working partnerships with the Operational Risk team, and management of external Information Security and Technology service providers. The post holder will be a member of the IT Management team. Initially there are no direct reports to manage. The role reports directly to the Chief Technology Officer.
- Develop, review and maintain the organisation’s security policies, standards, procedures and guidelines.
- Embed Information Security into key processes, procedures and working practices.
- Manage and support customer and supplier information security risk processes.
- Perform regular security reviews, risk assessments and audits of policy compliance.
- Develop and maintain the information security risk register.
- Manage day-to-day security solutions across all technology fields, working in partnership with IT.
- Manage external client, vendor and supplier assessments and security maturity.
- Compile and maintain software & firmware baseline inventory.
- Define and execute the Information Security framework.
- Vulnerability and patch management strategy and execution.
- Security Incident management processes and remediation.
- Develop, deliver and measure security awareness across the organisation.
Desirable Skills and Experience:
- Excellent oral and written communication skills.
- Technical understanding of core networking and infrastructure services.
- Good time management and prioritisation skills.
- Proven practical problem solving and analysis experience.
- Identifies what needs to be done and can take independent action when the situation requires it.
- Professional information security membership and certification essential, e.g. CISSP, CISM, CISA.
- A relevant degree or equivalent experience is an advantage.
If this sounds like a good match, then please get in touch ASAP as interviews are taking place immediately.