Information Security Manager
Vitality, Information Security Manager, Bournemouth, £Competitive + Bonus + Benefits
Vitality is an award-winning, dynamic and vibrant financial services provider, with a ground-breaking vision for the future, where individuals are enabled to succeed and are rewarded and recognised for their contribution to our business.
In exchange for your hard work and commitment to Vitality, we have designed a generous benefits package to reward our employees. This includes:
- A genuine long-term opportunity to grow and establish a long-term career
- Our award-winning private medical insurance
- A comprehensive flexible benefits scheme
- Stakeholder Pension Plan with employer contribution
- Vitality Partners and Rewards
As our Information Security Manager you will support the CISO with the implementation of the Information Security Strategy and maintenance of the Information Security Management System. You will provide technical leadership and delivery of technical controls, in support of the Information Security Strategy.
Managing the expanding Information Security team, you are responsible for ensuring that information assets are adequately protected and that appropriate controls and mitigating actions are in place to manage identified information security risks. Finally, you will work with stakeholders to ensure appropriate controls are in place to protect Vitality and its members’ data.
Responsibilities as our Information Security Manager include:
- Provide expert professional advice across Vitality on Information Security best practice
- Deliver key Information Security initiatives/projects, in line with InfoSec and Cyber Security strategy and Enterprise Risk Framework
- Ensure compliance with Regulatory requirements and Information Security best practice frameworks (e.g. ISO27001, GDPR, NIST, ITIL) to ensure the Confidentiality, Integrity and Availability of Vitality Information Systems
- Chair Security Committees and meetings; represent Vitality at external events and meetings.
- Manage the Information Security team, including IT Risk Management function.
- Oversee Security in project and development activities, to ensure Information Security risks are identified and are being addressed through the project process/SDLC
- Responsible for ensuring Supplier Security risks are assessed and managed
- Be a key contact for, and lead on the management of information security incidents/cyber incidents. Further develop Cyber Incident detection and response capabilities
- Lead on the development and maintenance of Information Security Policies, Standards and Processes across the Vitality Group
- Responsible for the evaluation, recommendation and implementation of security applications, tools and processes, and their continuous improvement; threat modelling and analysis of future trends; penetration testing and remediation
Skills and Experience required of our Information Security Manager:
- Proactive self-starter, self-motivated, results focused, going the extra mile when necessary
- Versatile, able to work on differing initiatives; ability to multi-task and prioritise activities
- Confident communicator; ability to articulate technical knowledge to non-technical audience
- Will share Vitality values and demonstrate these in all their work
- Ability to solve complex problems and make key decisions
- Ability to demonstrate high degree of accuracy and attention to detail in all tasks; strong analytical skills
- Positive thinker with a “can-do” approach to business
- Solution oriented
- Professional security qualifications and certifications such as MSc, CISSP, CISM, CISA or equivalent
- Minimum 7 years’ experience working in Information Security
- Supplier Security assessment and management
- Excellent verbal and written communication skills; ability to articulate technical knowledge to non-technical audience; production of policy/standards/project documentation
- Experience of working with projects throughout the SDLC; Agile methodology
- Appropriate level of technical knowledge (configuration of security tools; SIEM,
- Experience of designing, implementing and managing information security initiatives e.g. SIEM, RBAC, DLP, FIM
- Sound understanding of security frameworks (e.g. ISO27001/2, PCI DSS, NIST), Data Protection and regulatory compliance (e.g. FCA, ICO, PRA, GDPR)
- Experience within the insurance, healthcare and/or financial services industries
- Ability to conduct internal audits and write associated audit reports
Working for Vitality, as our Information Security Manager, you'll experience an exciting mix of creativity and innovation, within a framework of challenging objectives and a passion for delivering the best.
Our people are chosen for their skills, knowledge, enthusiasm and attitude but above all, their belief that anything can be achieved.
Closing Date: Wednesday 25th April 2018
If you feel you have the skills and experience to become our Information Security Manager please click ‘Apply’ today.