Senior Information Security Manager - Nottingham, United Kingdom - MHR

MHR
MHR
Verified Company
Nottingham, United Kingdom

4 weeks ago

Tom O´Connor

Posted by:

Tom O´Connor

beBee Recruiter


Description

The role of Senior Information Security Manager is Support the business to operate securely and in line with legislative, contractual and certification requirements and within the risk appetite of the Board.


Duties and Responsibilities:


  • Identify and document the key security risks across the business through understanding key information assets and their associated threats.
  • Identify, monitor and drive compliance to legislative, contractual and certification requirements, including ISO 27001 and Cyber Essentials.
  • Define, maintain and communicate information security policies that set minimum security control requirements across the business.
  • Identify and review changes and projects across the business that require security input to ensure key risks are understood and managed.
  • Oversee the completion of security risk assessments of key information assets to understand if key security risks are being effectively managed.
  • Regularly report to Chiefs and Directors on the key security risks in their area and how effectively these are being managed.
  • Establish and run an information security committee in conjunction with the Chief Information Security Officer to provide governance over information security risks.
  • Oversee the delivery of an information security training and awareness programme to educate staff on key security threats.
  • Monitor the effectiveness of information security controls across the business through KRIs and KPIs.
  • Oversee the coordination of customer and thirdparty penetration testing.
  • Undertake customer and supplier contract reviews to ensure appropriate security clauses are included.
  • Coordinate the response to major and minor information security incidents.
  • Present to customers on the effectiveness of MHR's security control environment and answering complex questions that cannot be answered by the presales team.
  • Manage the performance and development of a small team to assist in delivering the above responsibilities.
  • Assist the CISO in defining and managing the Cyber Security Strategy to meet the mission and vision of the team.
  • Deputise for the CISO in their absence.

Skills:


  • Information security governance
  • Information security ri

More jobs from MHR