Listing Description
Information Assurance and Security Manager
Team: Information Security
Reporting to: Head of Information Security Guernsey
Location: Guernsey
Contract: 12 months FTC with possible extension
We are looking for an ambitious Information Security Professional to join our team, to support Agilisys in delivering information security services to our customers.
Experience consulting with customers and internal stakeholders is essential, and this position will suit someone who thrives in a busy and diverse environment and is looking for opportunities to grow their career.
You will have experience of managing security under ISO27001:2013, a good understanding of security governance, risk, and compliance. With experience of security best practices, legislative and regulatory standards, and industry frameworks. An understanding or willingness to learn about cloud technologies is preferable.
Responsibilities
- You will be responsible for assessing, approving, and advising on all information assurance and security matters for Agilisys and our clients.
- Supported by the central and local information security team and working with the local and central IT teams you will be the focal point on matters relating to information assurance and security.
- Implementing and maintaining information security management processes to ISO 27001 standards, as well as other standards and frameworks such as Cyber Essentials Plus or 10 Steps to Cyber Security.
- Support internal and external audits
- Perform and manage risk management activities
- Manage and support security incident response for Agilisys and our clients
- Work with project and programme teams to identify solutions to security challenges that they might introduce, to ensure that assurance, security, and compliance is maintained.
- Oversee and report on the vulnerability management efforts of various stakeholders and teams
Requirements
- Knowledge and experience of information security management
- Customer focused and influential, with a high desire to drive results
- Knowledge and experience in security risk management and compliance
- Knowledge and understanding of technical security controls in an IT environment.
- A good understanding and experience of Incident Response for security incidents and events
- Confident presentation, written and oral communication skills
- Experience of working with recognised IT Security standards and frameworks such as ISO 27001, PCI-DSS, NIST CSF, GovS 007, Cyber Essentials + and/or NCSC Cloud Security Principles or similar
- Security certifications e.g. CISM, CISSP or CompTIA Sec+ or other relevant experience
Advantageous
- Experience within or exposure to public sector including central and local government, healthcare, and blue light services, or a large corporate organisation
- Information Security auditing experience
- Proven experience of staff / team management
- Familiarity of working to ITIL service standards and associated training, certification, and experience.
- Awareness of data protection principles and compliance
We understand some people may not apply for roles unless they “tick every box”. If you’re excited about joining the Agilisys team and think you have much of what we’re looking for, we’d love to hear from you.
Agilisys operates as an equal opportunities employer and we welcome all applications regardless of gender, marital status, sexual orientation, pregnancy, race, colour, ethnic origin, nationality, religion or beliefs, disability, age, political opinions, or trade union membership.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided