Information Security Manager (Risk, Projects, Operations) BLUI36052
- Recruiter: Blue Octopus
- Location: Liverpool, Merseyside
- Salary: Circa £40,000 depending on skills and experience
- Posted: 20 Apr 2016
- Closes: 18 May 2016
- Ref: BLUI36052
- Sectors: IT, Management
- Contract Type: Permanent
- Hours: Full Time
Our client administers the Principal Civil Service Pension Scheme and provides pensions to over 1.5 million people. With a strong heritage as the provider of a broad portfolio of administration services, their deep public and private sector knowledge and experience make them a unique provider in the field.
Over the past three years, their business has grown from strength to strength, aided by the fantastic talent of their employee partners. So, to help them grow, they are on the lookout for more ambitious professionals who will help drive the business forward in an exciting time of growth.
They are now looking for an Information Security Manager to join them in their Liverpool office.
Reporting to the Financial Controller, you will develop, approve, communicate and maintain the Information Assurance Strategy (in line with business risk appetite, HMG and other standards, accreditation strategy and contractual requirements), ISMS, Security Policy and their Control Framework. You will also promote a security-aware organisational culture with embedded top-down ownership and measurable compliance, and handle preparation for and future maintenance of ISO 27000 certification.
This will involve liaison with project planners, ICT system designers, infrastructure build teams, application software developers and end-user management to ensure the inclusion of appropriate security controls and procedures in the specification, development, testing and eventual operational phases of transformation solutions.
You will ensure that the controls and procedures as defined are effectively deployed and operating, whether these are technical controls, operational processes or people-based procedures. Working with managers across the company to ensure that all departments/teams are recording data accurately and meeting appropriate data quality standards, you will also work with employers and their payroll providers to improve understanding of the impact of poor data and build relationships to improve the quality of data submitted.
In addition, you will review and assess threat intelligence from HMG and other sources, review security incident reports from our client and related sources, work with local management to resolve immediate issues, and advise their management on the appropriate response.
In order to be successful, you will have experience of working in development projects, with multiple parties, subcontracts, full control range (physical, technological, people-based and procedural controls), and full lifecycle implementation. You will also have a proficient understanding of the prevailing security, risk and IT standards, policies and frameworks, e.g. ISO27001, COBIT, ITIL, and have knowledge of Business Continuity standards, policies and frameworks, e.g. ISO 22301.
Ideally, you will be a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and have knowledge of HMG standards and IA processes.
ISO 27000 Lead Auditor certification and other similar certifications in relevant information security disciplines (such as BCS, SANS, relevant University InfoSec degrees) would be beneficial but are not essential.
Please refer to the job description when applying for this role.
This is a vacancy from Blue Octopus Recruitment Ltd, who are operating as an employment agency. Once you have clicked to apply for this vacancy, we will send you more information on the role, including a copy of the application form, via email.