Information Security Manager - REMOTE
Salary: Up to 70K (based on experience)
What are we all about?
Want to do the best work of your life?
We are now looking for an an experienced Information Security Manager to join our talented and growing Technology team to transform our organisation. You will be working closely with the CTO, business leadership, and senior stakeholders where you will be responsible for the end-to-end design of a new ISMS and IS policy framework (including the ISMS creation, documentation, validation, and management) to support the continuous evolution of our information security related capabilities, processes and supporting technologies.
Ideally, you will be able to demonstrate in-depth understanding of applicable information security, compliance and regulatory requirements and standards (e.g. UK GDPR, PECR and DPA, ISO27001: 2013, ISO27002, Cyber Essentials, and US equivalents) and have led an organisation through the process of ISO27001:2013 certification.
What you Do?
* Working with function Heads within the Technology team. across the business and with external partners to ensure compliance of all IS controls and processes.
* Ensuring that all processes within the Technology team are compliant with current UK regulations and obligations (e.g. UK GDPR, PECR, DPA, PCI-DSS) and other relevant information security standards (including US alignment where applicable).
* Developing an Information Security Management System (ISMS) for CV-Library which meets applicable requirements of the ISO 27002 standard and is ready for ISO 27001:2013 certification.
* Maintaining IS controls, standards, and procedures according to industry good practice (including risk assessments, audit, registers, corrective actions, and remediation).
* Providing first party incident mitigation, response, and remediation, including threat and vulnerability analysis.
* Verifying that all validation activities for products developed in-house (and via 3rd parties) and any SaaS systems used meet our client and industry compliance and regulation requirements and expectations.
What you'll need?
* Experienced Compliance Manager or being able to demonstrate experience in a similar role (preferably with industry certification and awareness of Cloud and on-premises IT).
* Being able to demonstrate in-depth understanding of applicable information security, compliance and regulatory requirements and standards (e.g. UK GDPR, PECR and DPA, ISO27001: 2013, ISO27002, Cyber Essentials, and US equivalents).
* Experience leading an organisation through the process of ISO27001:2013 certification.
* Demonstrate excellent verbal and written communication skills and be able to describe technical/security issues and their solutions to a non-technical audience.
* Be self-motivated, inquisitive, analytical, calm but enthusiastic, and always be looking to provide solutions and improvement opportunities.
* Be comfortable working on and prioritising own initiatives and collaborating internally and externally as part of a team.
What you'll get?
* Excellent basic salary with generous bonus scheme
* 25 days annual leave, plus additional days for length of service and your birthday!
* Regular team incentives and social events, including annual Christmas and Summer parties
* Discounts with major cinemas and retailers, family days out, and much more
* Life Insurance and Company Pension
* Employee Assistance Programme (Mental Health & Well-being support)
* Great culture and work environment
Information | Security | Remote
This is a great opportunity for someone who'd like to expand on their knowledge across various languages within a relaxed and supportive environment..
Please send your CV through to firstname.lastname@example.org and we can book in a first stage call to talk it through!
Jefferson Frank is the Amazon Web Services (AWS) recruiter of choice. We work with organizations worldwide to find and deliver the best permanent and contract AWS DevOps, Big Data, IaaS and PaaS, and AWS Security professionals on the planet. For more information, visit jeffersonfrank.com.