What the role is all about
Information Security never ceases managing risks and improving our security controls. You will be responsible for developing and implementing policies, procedures, and strategies to protect our organisation's confidential data and systems from unauthorised access, use, disclosure, and destruction. You will ensure we are compliant with all policies and maintain strong audit trails. You will push information security improvement and maturity across the organisation to better serve our teams and our customers.
As the Information Security Manager Specifically, you will be responsible for:
Maintaining ISO 27001 certificationConducting internal audits and leading on external auditsEnsuring that risks are managed using the correct controlsEngaging with internal/external stakeholders on security incidents, queries etcManage business continuity and disaster recovery policies/procedures/schedulesLeading Access Management improvements and initiatives in the organisation on internal and external IdP systems and employee security initiativesOverseeing access management recertification programmesManaging cross-functional projects across multiple teams and stakeholders to drive Identity and Access Management (IAM) business objectives and requirementsProvide operational data protection compliance support in areas of cross-over with information security and ISO27001Line management of one team member with workplace IT responsibilities
You are entrepreneurial, agile and comfortable working in a start-up environment and energised by working in a fast-paced environment characterised by constant change.
You will have:
- Experience in the IT or InfoSec field with 2+ years of experience as an operations manager or service lead within the IT field
- Strong experience with leading and operating employee support and change management programmes
- Experience being a people manager and knowing how to manage the needs of the team while meeting business objectives in an agile environment
- Hands-on experience with owning common employee productivity SaaS tooling such as Google Workspaces, Okta, Jira, and similar technologies
- The ability to see the big picture, define plans that align to business goals and set measurable metrics
- Ability to manage multiple/varied tasks and prioritise workload with attention to detail.
- Comfortable operating autonomously once goals and objectives are set.
- Strong interpersonal and organisational skills, with the ability to successfully work both independently and effectively within a team.
- Strong leadership capability, executing as appropriate in the areas of responsibility.
- Excellent oral and written communication skills, including the ability to explain technology solutions to non-technology internal client base.
- Proven ability to engage constructively with colleagues at all levels across different departments to deliver objectives.
- Ability to quickly establish credibility and build rapport and trust.
- Experience of security auditing and monitoring
Nice to have
- Hands on experience or good knowledge of other ISO Management Systems eg. ISO 13485, ISO 14001
- Strong experience with leading people, teams and projects, and engaging with various stakeholders cross functionally
- Knowledge of IT architecture and underpinning technologies
- Certification holder (CIPP-E, CISM, Security+, CISSP, etc)
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided