Information Security Manager
I am currently working with a financial based services company that originates from Ireland and now has over 2,500 staff worldwide! The company themselves deliver a broad range of services that include software development, project management and of course IT infrastructure and security
The security manager will be responsible for the information security structure across the whole organization and be given an advisory role in the following areas data privacy, governance and of course cyber security.
The company have a very strong package on offer which incudes the option for working from home when required!
* Operate and maintain an ISO27001 Information Security Management System.
* Assess emerging and new external threats and provide guidance for any required mitigations.
* Maintain and update information security policies and procedures. Support in the rollout and embedding of those policies and procedures.
* Drive security awareness campaigns for all users including phishing exercises.
* Support all business units in deployments of new technologies; assess information security and data protection risks, which may include assisting in preparation of DPIAs and vendor risk assessments, security design workshops, and solution evaluation.
* Liaise with various teams, providing guidance on information and IT security matters.
* Review and sign off on appropriateness of security controls.
* Maintain and update security reference architecture to ensure adequate security controls are deployed and operating effectively.
* Operate a SIEM and other monitoring tools for security monitoring purposes.
* Liaise with internal, external and client audit teams to support security audits providing evidence of security controls and their effectiveness as required.
* Participate or lead information security incident responses where required.
* Organise and deliver information security programmes in conjunction with Project Management teams
* Assist business areas with the management of cyber and security related issues
Key Requirements and Experience:
* 5+ years' experience in Information Security
* Experience in managing an ISO27001 information security management system.
* Technical expertise, with an ability to understand networking and application security concepts and practices.
* Solid understanding of systems architecture; cloud technologies; software development lifecycles; infrastructure, including in the areas of desktop/server/network device hardening; encryption & firewalls.
* Knowledge of DevSecOps and ability to liaise with software development teams.
* Experience in information security incident response.
* CISM, CISSP, CISA
* Experience in supporting external security audits.
For more information on this role please contact Peter Raine at Reperio Human Capital
Reperio Human Capital acts as an Employment Agency and an Employment Business.