Information Security Manager

  • Market Rate
  • London, England, United Kingdom
  • Permanent, Full time
  • Curve Group Holdings
  • 12 Dec 17 2017-12-12

Based Bexhill on Sea OR London (with flexibility for homeworking) In this newly created role you would be responsible for acting in the second line of defence, able to assess risks, provide assurance and advise the business on the Cyber / Information Security landscape. You would be the subject matter expert on Cyber / Information Security and provide advice for the business in the Cyber / Information Security fields.

Accountabilities

  • Maintain an up-to-date Information Security framework that fits within the business model.
  • Undertake and produce Cyber/IS security risk assessments for the business, in new and existing projects as well as within the current business landscape.
  • Provide assurance to the business in terms of Cyber / Information Security that it is meeting its regulatory requirements as well as its risk appetite.
  • Whilst maintaining separation as part of the second line, advising IT and other dependent business areas of the best solutions for security and giving advice on the current issues and risks.
  • Keeping abreast of current real world Cyber and Information Security threats and assessing their significance to the wider business.
  • Attend leadership and other management meetings under the direction of the Head of Information Governance, for example to educate, advise and challenge appropriately colleagues and leaders on the business impact of Cyber / Information Security requirements.

Skills Knowledge & Experience

  • Substantial experience in Cyber / Information Security, ideally in Financial Services or the Insurance Industry.
  • Ability to explain complex issues in a straightforward way.
  • Confident influencer at all levels.
  • Great at building relationships.
  • Excellent written and verbal communications skills.
  • Highly pro-active.

Qualifications

Must hold at least one of the following certifications:  CISM, CISA or CISSP. Either CRISC or CEH would also be desirable.