Information Security Governance Manager

S-RM is a global intelligence and cyber security consultancy. Since 2005 weve helped some of the most sophisticated clients in the world solve some of their toughest challenges.

Weve been able to do this because of our outstanding people. Were committed to developing bright curious driven individuals who want to think critically solve complex problems and achieve success.

But we also know that work isnt everything Its about the lives and careers it helps us build. Were immensely proud of this culture and we invest in our peoples wellbeing learning and ideas every day.

WORKING IN INFOSEC AT S-RM

As Information Security Governance Manager youll be responsible for:

Building and delivering KPIs presentations to senior leadership and heads of departments.

Working with Technology Operations to deploy companywide phishing tests track and report on the results.

Deploy company-wide security awareness training using company approved training platform and contribute to the evaluation of effectiveness of the selected training platform.

Coordinate team effort in the investigation and containment activities in the internal incident response team.

Maintaining and monitoring SOPs.

Manage exceptions to organisation-wide security policies.

Lead and complete assurance on technical security controls and technical design on both new and existing solutions in the application portfolio. Subsequently work with the business to close out identified gaps identified as part of the assurance process.

Consult the rest of the business and represent Information Security in key forums e.g. Project teams Executive Committee DevOps IT Operations Risk and Compliance and Legal to ensure that security standards are met and adhered to.

Manage the supplier evaluation process and action findings identified from the process for RFP/RFIs requested from the business and internal supplier evaluation requirements.

Coordinate the delivery of companies Incident Response and Disaster Recovery tabletop exercises and planned failover tests.

Provide input to organisational risk registers based on knowledge of current and emerging information security risk and known vulnerabilities within existing controls.

Build and maintain positive stakeholder relationships at all levels of the organisation as well as with key external stakeholders (including clients certification bodies and external consultants).

Develop the roadmap of InfoSec projects drive the delivery of the roadmap and track completion progress.

Provide input in InfoSec budget planning covering investment in BAU as well as InfoSec project work.

Compliance

Develop and implement and support in the maintenance of organisation-wide security policies and processes that are aligned with ISO27001:2022 CIS and NIST frameworks.

Managing internal and external audit programmes and maintenance of established frameworks such as ISO27001 and Cyber Essentials and other frameworks where required.

Manage remediation process following external audits and internal security assessments. Includes coordination of pentest findings vuln scan findings and CIS benchmark reviews but does not involve implementation of the fixes.

The successful candidate must have permission to work in London by the start of their employment.

Our benefits

We offer thoughtful balanced rewards and support to help our people do their best work and live their lives outside it this includes but is not exhaustive of:

• 25 days holiday per yearin addition to bank holidays (1 day for every year of service up to a maximum of 30 days in total);
• Hybridworking and flexible working hours;
• Matchingpensioncontribution up to7% (up to a maximum of 14% combined) and financial education;
• Life Insurance4X annual salary.

Parental Support:

• Fertility treatment leave 5 days of leaveper cycle of treatment per year;
• Maternity leave 26 weeks of full payfollowed by 13 weeks of half pay;
• Paternity leave 6 weeks of full pay.

Various Health and Medical Benefits including:

• Private dental and medical insurance(taxable benefit) for you and your family;
• Virtual GPfor you and your family members that live in the same household;
• Variousgym discountsfor you and your partner;
• EAP programmefor you and your immediate family;
• Free access to the world-famous mindfulness appHeadspace.