Information Security Manager-MyTechnology

You'll be required to take operational ownership of all information security management processes across multiple sites, including:

• Information security risk management.
• Information security incident management.
• Information security assurance activities.
• Establishment and management of an Information Security Management Forum.
• Support the role of DPC for GDPR/DPA 2018 compliance.
• Support projects and design activities, including:
- security factors such as HMG policy and good practice, - assurance requirements, - technical requirements, - recommendations of security technologies and controls, - physical security requirements, - personnel and / or procedural requirements. - review of new technologies and data protection compliance requirements
• Adopt a proactive approach to security management and security assurance coordination, ensuring smooth running of scheduled activities (pen-tests, security documentation review) and gaining the trust of key stakeholders (including customer representatives and accreditors).
• Engage with external audit and assurance providers, including IT Security Health Check suppliers, scoping test plans and helping stakeholders interpret test results, as well as supporting implementation of any remedial actions, where required.
• Implement the Business Unit Information Security Policy and related processes and procedures in line with ISO27001 and Government policies. Undertake gap analyses against formal security frameworks (particularly ISO27001), reporting on areas of deficiency and producing remedial action plans (where appropriate).
• Manage incident response and conduct investigations to understand the source of security breaches, assess and contain damage and devise measures to protect against future breaches.
What you'll need to do the role:
• ISO27001 Lead Implementer and Lead Auditor.
• Data Protection Compliance knowledge and privacy certifications.
• Risk management knowledge.
• Works collaboratively with a range of people to support the wider business needs.
• Ability to think pragmatically, methodically and logically.
• Ability to make informed decisions.
• Communicates clearly and is able to communicate complex security issues in suitable language for people at all levels within the contract.
• Must be able to achieve and maintain Security Clearance.
Why Serco: Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors, personal growth, achievement and development won't be hard to find. You'll also work with great people. You'll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence. What we offer:
• 25 days annual leave plus bank holidays.
• Annual leave purchase scheme.
• Up to 6% contributory pension scheme
• Free onsite parking.
• Serco discounts which include cinema, merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships.
• A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Health Cash Plans, free flu jabs and more.
  
  At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services. We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services. We are innovators, committed to redesigning and improving public services for the benefit of everyone.