Information Security Manager

SilverDoor Limited, City of Westminster

Salary not available.

  • Full time
  • Permanent
  • Onsite working

Posted today, 16 Oct

Closing date: not specified

Job Ref: dc0c788aa7fc485c845be7c39835181a

Full Job Description

As the Information Security Manager, you will strengthen our security posture by working proactively across our systems to continually improve our information security framework and standards. You'll oversee the risk management cycle, implement controls, and manage risks. Part of the role will also focus on the company's business continuity management system.

  • Managing information security frameworks - ISO 27001, NIST CSF, and Cyber Essentials.
  • Managing security best practices across the cloud and on-premises infrastructure, with continual improvements.
  • To lead and oversee ISO audits - ISO 27001, ISO 9001, ISO 14001, and ISO 22301.
  • Managing the entire risk management lifecycle.
  • Implement and run staff information training and awareness.
  • Ensure all management systems' policies and procedural documentation are kept updated.
  • Reviewing information flows, data transfer processes and data transfer records.
  • Ensure effective reporting and management of security incidents and breaches.
  • Manage vulnerability and penetration testing and any required remediation work for the business or its clients' environments.
  • Maintain awareness of current and emerging cyber security trends, threats, and vulnerabilities.
  • Work with our clients to conduct and review security assessments.
  • Conduct business continuity plan tests.

  • Has 3-5 years of experience as an Information Security Manager.
  • Comprehensive understanding of Information Security Frameworks (e.g. ISO 27001, NIST CSF, and Cyber Essentials) and the UK Data Protection Act 2018, including GDPR.
  • Excellent experience in undertaking information security risk assessments.
  • Knowledge of security technologies such as IDS/IPS, vulnerability testing, firewalls, and auditing of security on AWS.
  • An information security certification (CISM, CISSP or similar).
  • Has excellent verbal and written English.
  • Is well-organised and able to report on progress concisely.