Information Security Manager

Posted 24 June 2022
Location Oxfordshire
Job type Permanent
Reference 29942
Contact Name Emily Hunter

Job description

This individual will assist in identifying and adapting the security program to changing business dynamics, changing technology, and changing cyber security threats. The ideal candidate will bring deep security technology skills, a disciplined approach to managing risk, and the ability to communicate and influence a broad community of stakeholders.

 

Key responsibilities and deliverables:

  • Contribute to the cyber security risk management program, identifying risk by leading data security audits and third-party assessments consistent with cyber security frameworks such as NIST CSF.
  • Lead employee training and awareness activities, draft security policies and standards and monitor compliance.
  • Evaluate and contribute to the operation of the security technology portfolio, ensuring that the tools that have been implemented are operating effectively and maximizing investment.
  • Engage with the business functions to understand business processes, systems, data, and sensitivity.
  • Engage with IT/security operations to prioritise and assist in the remediation of security vulnerabilities.
  • Oversee the execution of ITGC SOX audits and ensure performance of these controls.

 

IT/Cyber Security experience:

  • BS/BA with 6+ years of experience in diverse IT and/or cyber security related roles.
  • Experience in IT technologies, including networking, identity management, email security, encryption, and others.
  • Experience in the implementation and operation of cyber security tools in on-premise, hybrid and cloud-based (Azure) environments.
  • Experience implementing Microsoft’s E5 security and compliance tools desired.
  • Working knowledge and experience leveraging a cyber security framework such as NIST or ISO27001.
  • Working knowledge and experience with applicable privacy practices and laws (GDPR, HIPAA, CCPA, etc.).
  • Experience conducting or coordinating pen tests and/or security audits.
  • Certifications such as CISSP, CISA, CCSP, CompTIA Security+ are a plus.