- Collaborating with senior management to develop and refine the organisation's information security strategy, aligning it with business objectives and regulatory requirements.
- Developing, implementing, and maintaining information & data security policies, standards, guidelines, and procedures to ensure compliance with relevant regulations (e.g. GDPR, PCI DSS) and industry standards such as Cyber Essentials+, ISO 27001 & NIST guidelines.
- Managing the relationship(s) with 3rd party suppliers responsible for implementing and managing security monitoring tools and technologies, ensuring we detect and respond to security threats in a timely manner.
- Developing and deliver a security awareness and training programs to educate colleagues about security best practices and ensure compliance with security policies and procedures e.g. Phishing & Poster Campaigns, USB Drop Testing.
- Maintaining risk awareness within the role, ensuring relevant controls are implemented and are operating effectively, reporting of all risk events identified and escalating risk issues which have the potential to breach the Society's appetite for risk / control environment.
- Evaluate and manage third-party vendors and service providers to ensure they meet the organisational security requirements and adhere to contractual obligations relating to information security.
Information Secruity Manager - Mansfield, United Kingdom - Emberleigh
Description
Location: Mansfield -2 days per week in office rest remote
Pay: available on application
Ensuring the Society's compliance with industry-standard security practices and regulations, while continuously evaluating and enhancing the organisation's security posture. Playing a pivotal role in minimising risks & protecting assets.
Here's a taste of what the role will involve:
What we're looking for:
· Minimum of 3 years of experience in information security management.
· In-depth knowledge of information security principles, practices, technologies, and standards.
· Knowledge of Cybersecurity Frameworks and Standards Compliance.
· Knowledge of data Privacy Laws and Regulations.
· Cloud Security best practice and principles.
· Security Education & Awareness
· Ability to work under pressure.
· Driven, self-motivated, and results oriented.
· A passionate for delivering value to customers.
· Flexible & Quick thinking.
· Strong written and verbal communication.
· Ability to adjust priorities and manage own workload in a fast-paced environment.
What we offer
• 35 hour working week
• Two paid volunteering days
• An organisation with a sustainability agenda
• Group Personal Pension Plan & Auto Enrolment Pension Schemes – up to 9% matched
• Birthday Holiday
• Holiday Purchase Scheme
• Life Insurance 4x Current Annual Salary