Information Security Manager (TI/1302)
Location: Home based
Sector: Security Operations
We are working with a global cyber security vendor that grew by 25% last year, exclusively searching for an Information Security Manager. This position is internally facing, working alongside the wider technology teams to ensure the organisation have the policies, controls and infrastructure in place to best defend against threat actors. This includes support of both internal/external audits, incident response, disaster recovery and more.
This position is fully remote and can work in the UK or Western Europe.
• Support ongoing and new information security projects
• Work with the IT team to ensure security practices are at the forefront of every new infrastructure project.
• Implement and roll out new policies and controls to suit the rapid growth of the organisation.
• Manage and execute ongoing internal audits against access, system and network hardening and security related technical controls.
• Develop and maintain organization-wide information security awareness program
• Develop and maintain information security policies and procedures aligned to industry standards (e.g. ISO27001)
• Implement and maintain a risk-based security assessment program for critical organizational assets
• Maintain and update standards-based control documentation include evidence of control effectiveness
• Maintain currency on technical security threats and provide regular communication to management on information security risks to the organization’s assets
• Provide support for response to security-related queries from clients, vendors and other third-parties as required or requested by management
Required Knowledge, Skills and Abilities
• Demonstrable experience in Information Security
• Industry-recognized security certification a plus
• Experience working with global, distributed and remote teams
• Demonstrated experience developing and implementing security controls
• Knowledge of security best practices aligned to industry standards
• Experience negotiating with third-party vendors and other support providers
• Understanding of risk-management aspects of system implementation
• Hands-on infrastructure management, setup and troubleshooting experience.