Overview
Information Security Manager Jobs in Northampton, England, United Kingdom at Staysure Group
Title: Information Security Manager
Company: Staysure Group
Location: Northampton, England, United Kingdom
Location: Hybrid with travel to Northampton 1 day per week
Salary: £65,000 – £79,000
Hours: 37.5
The Information Security Manager, reporting directly to the Head of Information Security, will play a vital role in ensuring that we protect our customers’ data and create a culture of security within the business. This is a new role which has been introduced into the business, to help deliver our organisation’s information security program.
Role And Responsibilities
Develop and maintain an ISMS in compliance with ISO 27001:2022
Help manage the certification process for ISO 27001:2022, including all external audits and planning
Manage internal security audits and assessments
Develop, implement, and maintain policies and procedures for information security
Research emerging security threats and identify vulnerabilities
Identify and report on information security risks
Develop a deep understanding of how the Staysure group operates
Work closely with Risk & Compliance and IT to ensure that all data is securely protected
Help develop the training and awareness requirements for the business
Build and develop relationships with key internal stakeholders, aligning to our values and developing a security culture across the business
Essential Skills
ISO 27001 Lead Implementor/Auditor or at least 2 years of experience supporting an ISO 27001 accredited business
Good working knowledge of security risk and control frameworks such as ISO 27001, PCI DSS, and ITIL
Proven ability to establish and implement information security policies and procedures
Understanding of a range of security technologies, including firewalls, cyber threat intelligence services, DLP, email security, endpoint encryption, endpoint security, SIEM, vulnerability management, web security
Ability to review security controls, assess control maturity and suggest improvements
Experience of assessing and managing security incidents, service improvements and IT security risks
Understanding of the Data Protection Act 2018 and GDPR
Knowledge of Disaster Recovery/Business Continuity processes
Knowledge of cloud technologies
Good knowledge of the business benefits that security technologies and frameworks can bring
Adept at stakeholder management
Strong presentation skills and ability to influence others
Desirable:
CISSP, CISM or CRISC