Information Security Manager

Job Title: Information Security Manager
Sector: Cyber Security
Location: Cardiff
Type: Contract
Salary: £0-£50000


My client based in Cardiff are actively looking for an Information Security Manager to join them on an initial Fixed Term Contract basis, for 12 months. Within this role you will be joining a team of 4 and will have diverse responsibility across both their governance and technical security capabilities. As a result you will ideally have a strong technical grounding with exposure to auditing against frameworks such as NIST and ISO27001.

Job Duties:

  • Delivers a number of key Information Assurance (IA) related initiatives including an Enterprise Wide Data Classification program
  • Undertakes formal compliance monitoring and ensures that breaches are identified, addressed and remediated
  • Drives forward security best practice in various domains including Access Management, Cryptography, Cloud Computing and Storage, Data Governance etc.
  • Undertakes formal risk assessments against applications, processes and prospective solutions
  • Continuously improves and enhances the cyber security framework based on leading standards including CIS Critical Controls, COBIT5, ISO 27001, CESG and NIST frameworks
  • Manages key compliance programs including, where appropriate, ISO 27001, PCI-DSS.
  • Liaises and maintains excellent business relationship management with other business leads and IT leads to deliver quality security related services and solutions, and a secure applications landscape
  • Produces quality reporting and associated management information on the state of information security, IA work streams, risk exposure and threat management
  • Undertakes IT Disaster Recovery planning and design
  • Maintains an annual testing program of the IB's main Data Centre Disaster Recovery plan.

Desirable experience/ qualifications:

  • Certified Information Systems Security Professional (CISSP) in good standing is essential
  • CREST, CHECK and OSCP are desirable
  • Experience of Security Architecture design
  • Experience of working as part of a Cyber Security Incident Response Team (CSIRT)
  • Experience in enterprise security design preferably with MS Azure, Amazon Cloud Services, Solaris, Linux, Windows, Avaya, and leading ERP solutions
  • Experience of undertaking audit and/or formal assessor related activities for organizations within the field of cyber security
  • Experience in performing security audits, risk assessments, assurance work and self-assessments
  • Experience of implementing ISO 27001
  • Strong business relationship management, coupled with the ability to persuade, steer and convince senior business leaders on the approach to critical security matters

I will be looking to shortlist for this role by Thursday afternoon, so if of interest please share your CV and I will endeavour to come back to you ASAP.
