Information Security Manager - Flexible Working Available
iPSL are looking for an Information Security Manager to work as part of the Cyber Security function. The role is of a consultative, governance and advisory nature and pertains to the management of Information Security within the company.
We are the leading digital payment processing service provider within the UK and have recently gone through the biggest business transformation programme the company has ever seen!
The role will be based in Northampton and comes with a competitive salary of between £40,000 and £60,500 p.a. (depending on experience) + Car allowance of £5,100 and Private Family Healthcare.
The hours of work will be 35 per week. We may be able to offer flexible working hours and there is the option to work from home several days per week.
The Information Security Officer is required to undertake a range of tasks supporting iPSL key business objectives as directed within the Information Security environment.
Key Responsibilities include:
- Accountable for the completion of all assigned Information Security activity and associated reporting.
- Manage the budget for the Information Security stream of the Cyber Security budget on a day-to-day basis.
- Accountable for the line management of individuals allotted to the Information Security branch of the CISO Office.
- Responsible for identifying, monitoring and managing Cyber risks to iPSL.
- Accountable for the delivery and management of Information Security policies, standards and guidelines documentation across the organisation.
- Accountable for the delivery of the Information Security awareness programme across the organisation, testing all iPSL contractors, temporary staff and employees on their cyber awareness levels, and upskilling the workforce to enhance iPSL cyber defence capabilities.
- Accountable for the approval of deviations to policy via dispensation, engaging with Central Risk as required to ensure the correct balance is maintained between policy adherence-dispensation-risk.
- Accountable for ensuring information security risk is managed within tolerance, in conjunction with the Risk team. Production of regular and ad hoc reporting to meet both internal and external requirements.
- Subject Matter Expert for providing internal consultative Information Security support at all levels of the business.
- Work with the client base in support of internal and external security assurance activity and business as usual (BAU) security operations issues, including chairing/hosting meetings and reviews as required in support of this objective.
- Undertake (and, in some instances, be accountable for) activities as required to assure the operational effectiveness of controls that mitigate or otherwise manage Information Security risk within tolerance.
- Produce, deliver and present complete, accurate and timely management information for iPSL key governance forums.
- Develop and maintain constructive and collaborative relationships with internal stakeholders, clients and third party suppliers to ensure effective management of security arrangements is in place at all times.
- Identify opportunities to improve service, quality and efficiency.
- Deputises for the CISO during periods of absence.
Knowledge, Skills and Experience:
- At least 3 years’ experience of working within an Information Security, Information Technology, Quality, or Risk function with at least 1 year within the financial services industry.
- At least 1 year’s experience of managing Risk within an Information Security function, or of a Risk function with a significant focus on Information or Cyber Security, preferably within the financial services industry.
- At least 1 year’s experience of Information Security auditing, preferably within a financial services setting.
- Working knowledge of network security architecture.
- Commitment to deliver and maintain high levels of customer satisfaction.
- Experience of working in an ISO9001 compliant environment is desirable.
- Good written and verbal communication skills.
- Excellent analytical and problem-solving abilities.
- Good organisational and time management skills.
- Be able to work at own initiative and demonstrate proactivity.
- Ability to assimilate and utilise new information, processes and training.
Training & Qualifications:
- A bachelor’s degree in computer science, programming, or a related field
- Provable knowledge of IT Security principles, standards and regulations, such as ISO27001, NIST, SOX, PCI DSS etc.
- CISM certified (or be working towards certification)
- ISO27001 Lead Auditor certified
- ITIL Foundation certified
- CISMP or CISSP (or equivalent) qualification is desirable
CLOSING DATE: 15th November 2019
VACANCY REFERENCE: VW/MD/510319 /CISO