Information Security Compliance Manager

Information Security Compliance Manager

Inside IR35 - Up to £259 per day - Fully Remote - 3 months contract (Initialy) - Part Time 3-4 days per week

The role:

This is an exciting opportunity to join a leading organisation as a Information Security Compliance Manager on a part time contract basis. In this role, you will lead the enhancement of robust incident and vulnerability management programs, while proactively supporting our client through strong Information Security governance and technical implementations. Your work will help establish and maintain best practices, ensuring full compliance across the board.

What you'll be doing:

• Providing Information Security consultancy, offering expert guidance for projects, solution design, changes, assurance, and the application of security policies, standards, regulations, and best practices.
• Conducting periodic risk assessments to identify potential vulnerabilities and threats.
• Managing the Information Security incident response lifecycle.
• Delivering regular security awareness training programs for employees to foster a security-conscious culture within the organisation.
• Proactively investigating emerging threats to the business and devise effective solutions to address them.
• Coordinating and overseeing both internal and external security audits and assessments.
• Supervising the management and supplier relationship of the Security Operations Centre.
• Playing a pivotal role in shaping the organisation's overarching security roadmap supporting alignment to our organisational strategy.
• Leading and maintaining compliance with regulatory requisites, ensuring adherence to standards such as Cyber Essentials Plus, ISO 27001, and PCI DSS.

Previous experience:

• Hold an Information Security accreditations such as CISSP, CISM, OSCP in good standing, or relevant professional experience and willingness to work towards such certification.
• Proven experience working in an Information Security role previously implementing information security controls across a range of technologies, e.g., Security Architect, or Security Project Lead.
• Experience of managing information security platforms and maintaining policies.
• Experience in management and coordination of security operations centre activities and vulnerability assessment methods, techniques, and overall management
• Experience with common information security management frameworks, such as ISO 2700x, ITIL and COBIT.
• Confident understanding of modern cloud and network technologies and protocols and up-to-date knowledge of OWASP, NIST frameworks, GDPR, NIS, PCI-DSS, and NCSC cyber guidance.
• Knowledge of all threat areas (deliberate, accidental, internal, external) and understanding of Cyber Essential Plus and similar government security standards.

Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted.

Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation

We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http://proactive.it/privacy-notice/