IT Security Manager
IT Security Manager – Full Time – Remote Worker
Our client is looking to recruit an IT Security Manager to join the team on a full-time basis and work across an ever-growing group of companies. The role will report into the Chief Technical Officer (CTO) and will look to ensure controls and processes across compliance-related areas, particularly in relation to IT compliance and security. The role will be that of a remote worker; however, travel will be required, so applicants must possess a full driving licence and be prepared to stay away from home on occasion.
Key responsibilities of the IT Security Manager:
- Act as the Data Protection Officer (DPO) for the Group of companies
- Ensure GDPR compliance is maintained from within each business unit.
- Develop and maintain the information security policies and accompanying standards, procedures and guidance
- Assist in obtaining/maintaining ISO 27001, CE and CE+ compliance
- To assist Business Units with any data or security breaches and reporting to appropriate governing bodies
- Audit compliance levels for the Business Units within the group and make appropriate recommendations.
- Develop and deliver a programme of planned compliance reviews and ensure any gaps are addressed
- Investigate suspected and actual security incidents in accordance with the security incident response procedures, produce reports with recommendations and ensure any remedial action is taken
- Ensure compliance is in line with Information Security standards, bringing a very strong compliance focus to the role
- Direct the preparation and implementation of policies, procedures and standards relating to information and telecommunication systems
- Use benchmarking data and knowledge of best practices to inform the way ahead
- Work closely with the IT Leadership team to ensure compliance
- Maintain knowledge of emerging security trends, risks, new guidance or standards (internal and external) and security-enhancing technologies
- Identify, deploy and report on security-related information via the company's chosen product, currently KnowBe4
- Involvement in a range of IT Projects from a security/compliance perspective.
- Additionally, involvement in other non-IT compliance across the group will be required where necessary, particularly in relation to our payment facilitation business, where Financial Conduct Authority compliance, anti-money laundering and Know Your Customer controls and reviews are key.
- Develop a learning, researching and evaluating culture for new technologies within the team
- To promote security awareness by developing and implementing a security awareness and training programme
- Respond to enquiries from staff and provide security advice as required
- Work with internal stakeholders to develop relationships to help promote and improve information security and provide security advice on procurements, projects and new initiatives as required.
- Ensure that the Company’s reputation and relationships with customers, service providers and partners are healthy, improving and a prime focus internally
- Work with our key business stakeholders to implement and manage Disaster Recovery Plans.
Key requirements for the IT Security Manager:
- Educated to degree level with an information security qualification such as CISSP, CISM or substantial work experience at a level demonstrating graduate ability and security knowledge
- Have proven experience as an Information Security officer or Information Security Manager
- Understanding of, and practical experience of applying, the General Data Protection Regulation and other related legislation, standards and codes of practice
- A good working knowledge of information security including PCI DSS
- Good working knowledge of information risk analysis/management
- Experience in IT audit and IT risk management
- Working knowledge of ISO 27001
- Familiarity with common cyber security attack methods.
If you are interested in this IT Security Manager position and feel your experience matches the criteria, please apply now for immediate consideration. For more information, please contact Andrew Davison.
Medlock Partners are a professional services recruitment specialist operating across England. We are proud to be an equal opportunities employer and encourage applications from candidates of all backgrounds and circumstances, including minorities and those with disabilities. Please note our advertisements use years’ experience and salary levels purely as a guide. We are happy to consider applications from all candidates who are able to demonstrate the skills necessary to fulfil the role. If you do not hear from us within 48 hours please assume that your application has been unsuccessful on this occasion.