Salary: 78000 - 88000 DOE
Contract Type: Permanent full time
Work Life Balance: Hybrid with travel to Northampton when required (likely once per week)
Candidate Journey: Our goal is to reply to applications within 3 working days. Additionally, we make sure to acknowledge, evaluate and respond to all applications as a way of showing our appreciation for your time and effort in applying to us.
The Role:
We are looking for an experienced Information Security Manager to play a key role in protecting our organisation's information systems, networks and data from cyber threats and security breaches. Reporting directly to the Director of Information Security, this role is responsible for supporting and delivering the organisation's information security programme while ensuring strong technical controls, governance and compliance across the business.
This is a fantastic opportunity for a security professional who enjoys working across both technical security operations and strategic governance, helping to strengthen our security posture and build a strong security culture.
What will you do
Manage and oversee technical security controls to ensure compliance with ISO 27001:2022
Coordinate and manage penetration testing activities across the business
Support and manage security audits, assessments and testing from a technical security perspective
Develop, implement and maintain information security policies, procedures and standards
Monitor threat intelligence and ensure the business is informed of emerging threats and appropriate remediation actions are taken
Analyse potential security threats and vulnerabilities, ensuring processes are in place to effectively manage incidents
Develop and test incident management procedures
Review existing security tools and technologies, recommending improvements where necessary
Identify, assess and report on information security risks
Build a strong understanding of how the organisation operates in order to effectively support security initiatives
Build and maintain strong relationships with internal stakeholders, helping to promote and embed a strong security culture across the business
What we're looking for:
Relevant security certification such as CISSP, CISM or CRISC
ISO 27001 Lead Implementor/Auditor certification or at least 3 years' experience supporting an ISO 27001 accredited organisation
Strong knowledge of security risk and control frameworks including ISO 27001, PCI DSS and ITIL
Proven experience developing and implementing information security policies and procedures
Deep understanding of security technologies and controls
Experience reviewing security control effectiveness, assessing maturity and recommending improvements
Experience managing security incidents, service improvements and IT security risks
Understanding of the benefits and risks associated with AI
Knowledge of Data Protection Act 2018 and GDPR
Understanding of Disaster Recovery and Business Continuity planning
Experience working with cloud technologies
Strong stakeholder management skills
Excellent communication and presentation skills, with the ability to influence and engage stakeholders at all levels
We're assembling a diverse team where skills, not checkboxes, reign supreme, regardless of race, religion, sex, sexual orientation, gender identity or disability.
Staysure Group welcomes all new starters with open arms, providing training, development opportunities and great benefits.