Information Security Manager
A global Insurance business is looking to hire an Information Security Manager to be responsible for managing the information security for the company's Global information systems and associated IT services to preserve the confidentiality, integrity and availability of the corporate and client data in line with legal and corporate requirements.
The candidate will perform the following key activities:
- Liaise with management and business users, to understand business goals, priorities, and information needs, and to recommend information security practices and solutions in line with business requirements.
- Provide consultancy across the business to ensure relevant and appropriate information security controls are applied to ensure both the departmental and business objectives are met.
- Ensure alignment of solutions to the Branch and Group strategies by balancing the business requirements with the security constraints and risks. Develop and maintain an information security strategy.
- Liaise with internal staff and external companies to ensure optimum solutions are chosen. Keep abreast of the current security threat landscape and provide relevant and up-to-date guidance on proposed information security risks to the business.
- Keep abreast of developments in IT and Information security and offer guidance and consultancy to ensure both suitability and sustainability of IT and Information security strategies. Understand and ensure compliance with relevant legislation and corporate policies in relation to information security (e.g. GDPR, FCA Requirements).
- Liaise with Global Security team to ensure compliance with global and local corporate policies and adopted information security standards (e.g. ISO27001). Provide a Risk Management approach to ensure Information security solutions and controls are commensurate to the business risks and appetite of the company.
- Ensure the relevant procedures in relation to business continuity and incident management are developed and applied to minimise disruption to the business in the event of an incident occurring. Escalate risks and issues to the appropriate levels and ensure a timely resolution to actions raised.
- Proven track record of three years or more implementing information security practices within a large and diverse organisation, specifically ISO27001 Certification.
- Strong background in information technology with a clear understanding of the challenges of Information and IT security.
- An excellent knowledge of relevant information security standards and practices.
- A good understanding and experience of implementing information security within cloud-based environments.
- Experience and skills in the project management of the design and implementation of corporate Information security projects.
- Demonstrated leadership abilities that energise multi-discipline work teams to respond to business needs.
- Excellent oral and written communication skills, as well as the ability to present and explain information security in a way that establishes rapport, persuades others, and gains understanding across the organisation.