Job Type: Full Time, Permanent
Salary: £20,000 - £29,999, £30,000 - £39,999, £40,000 - £49,999, £50,000 - £59,999
A global Fund Manager is looking to add an outstanding Information Security Manager to their growing and successful team based in West London.
This role will require you to be based full time in the office 5 days per week (should tighter COVID restrictions be put in place this will be reviewed).
As the organisation's ISM (Information Security Manager), you will be responsible for the security of the global business. The security team supports the business in ensuring the confidentiality, integrity and availability of our systems and information assets, as well as privacy.
Duties & Responsibilities:
- Be responsible for managing the development and on-going implementation of the Cyber Security strategy and objectives.
- Build and implement an ISMS.
- Create all required policies and procedures that are ISO27001 and PCI compliant.
- Have ownership and day to day management responsibility for all Cyber Security systems, applications, policies and processes.
- Ensure staff education, awareness and training on cyber security risks and preventative actions are regularly delivered via multiple channels and a robust cyber security communication plan.
- Perform security risk assessments, providing guidance on the implementation of all projects with information security implications across the company.
- Implement and maintain KPIs and metrics to allow the monitoring of compliance with security policies and procedures against industry standard/best practice.
- Network and partner with other organisations to improve knowledge and approach.
- Carry out full security audits (internal and external with relevant suppliers) and ensure compliance and best practice are adhered to.
- Act as a key stakeholder in the identification of cyber security risk and the design and introduction of appropriate controls and mitigation.
- Implement and improve procedures and processes to optimise information security effectiveness.
The role will also include:
- Management of cyber security incidents from second-line investigation through to resolution.
- Ensure compliance with ISO27001, PCI DSS v3.2.1, GDPR, and other required compliance requirements
- Supporting the implementation of security culture and embedding of security controls into business change and processes
- Managing security for the allocated business units and teams to ensure programs are delivered and business operations are reviewed to identify high risk processes
- Being the interface between the business teams and the Cyber Security team
- Assisting International level teams and capabilities to understand the business operations to enable security services to be optimised for all areas
- Driving security awareness and education throughout the business units. Win hearts and minds and maintain a security culture
- Proactively coordinating Cyber risk resolution
- Supporting Security Solution engagement in Change Programs
- Promote and champion best practices for Cyber Security, Risk Management, ITIL and service delivery
Experience and Qualifications Required
- CISSP - essential; unfortunately you will not be considered without it
- 10 years minimum Cyber Security experience
- Broad IT security management knowledge, skills and experience
- Microsoft Windows Servers, Azure, O365 Security and Compliance
- Data Leakage prevention experience
- Forensic Investigations and Risk Management experience
- Amazon Web Services (EC2, S3 & WAF) experience
- Proven ability to build relationships with senior business and security stakeholders.
- Excellent communication skills that can transcend technical and non-technical audiences
- Experience with implementing or managing risk management processes and tools
- The ability to work in a constantly changing and fast-paced environment. Strong team ethic combined with a determined approach to ensure completion of work
- Relevant degree and professional security qualifications (alongside CISSP) such as CISA or CISM preferred or willingness to study for professional security qualification
- Change management and information security risk & governance experience
- Experience of compiling information for the purposes of internal and external audits/regulatory commitments
- Relevant cyber and security experience in financial services industry, preferably card business
An exciting and ambitious project, send through an application if this meets your criteria.
Role: Information Security Manager
Location: London (West), London (Greater)