Main characteristics
- Location
- Mountsorrel, Leicestershire
- Company
- Harvey Nash
- Salary
- £40000 - £55000/annum hybrid working, benefits
- Employment type
- Permanent
- Category
- Accounting / Financial / Insurance
Job summary
We are looking for an IT Support / InfoSec lead to step up into a formal IT/Infosec Mgr role. As an IT / Infosec Manager you will be responsible for defining and embedding best practice information security policies, standards and processes based on NIST Cyber Security Framework (CSF) and the management of 3rd party service providers.
Benefits include:
Hybrid working (3 days/wk onsite)
Competitive Pension
Flexible Benefits Package
I am keen to speak to any experienced IT Support / Infosec consultants who are looking to move into a more responsible, formal leadership position, and candidates with experience of the Financial Sector and an understanding of the NIST Cyber Security Framework & IS(phone number removed). Any relevant certifications such as CISM or CISSP would be preferred but not essential.
The Role:
You will play a pivotal role in safeguarding the company's critical data assets from evolving cyber threats. You will be responsible for defining and embedding best practice information security policies, standards and processes based on NIST Cyber Security Framework (CSF).
KEY RESPONSIBILITIES
The maintenance and management of an overall cyber and information security strategy aligned to NIST Cyber Security Framework (CSF).
The maintenance and management of the Information Security policies, standards and procedures as required in order to meet the legal and regulatory requirements. Continually monitoring the information security controls, KRIs/KPIs and technical landscape.
The maintenance and management of the Company-wide cyber incident response plan including test runs as required. These would be linked to existing plans such as DR and BCP.
Manage third-party information security vendors. This includes performing due diligence on third-party vendors, managing vendor contracts, and ensuring that vendors meet the Company's security requirements.
Conduct audits and regular vulnerability assessments of the IT infrastructure to identify and mitigate potential risks or security breaches, including penetration testing.
Champion security awareness training. This includes developing and delivering security awareness training to all employees and promoting a culture of security.
Chair and lead the Information Security committee
Requirements:
Degree level educated preferably in Information Technology or relevant industry certifications, such as CISM or CISSP.
Expertise in risk management methodologies such as NIST or ISO27001.
Proven experience in managing and maintaining IT security systems and infrastructure.
Broad knowledge of networking protocols, firewall configurations, and system administration.
Broad knowledge of cloud computing platforms and virtualisation technologies.
Excellent written and verbal communication skills with ability to present security requirements to a technical and non-technical audience.
Excellent leadership and communication skills, with the ability to effectively collaborate with stakeholders at all levels.
This is an East Midlands-based role and only candidates who can comfortably commute to the East Midlands 3 days per week can be considered. This role would suit an Info Sec Manager or an Info Sec Specialist looking to move into greater responsibility.
Benefits: hybrid working, benefits