Information Security Manager – CISSP CISM – Leeds, West Yorkshire
Information Security Manager, ideally qualified to CISSP or CISM standard, sought by a true market leader at their prestigious Leeds offices, West Yorkshire.
The successful Information Security Manager will report to the Head of IT Operations and will be responsible for ensuring the business operates a secure and robust environment for the storage and processing of all data.
Key technical skills & experience:
- Either a Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) qualification, or a significant level of experience of leading an IS function that has delivered a secure, robust, sustainable and cost-effective technology infrastructure.
- Demonstrable experience of successfully leading a business through IS compliance audits.
- A strong and demonstrable knowledge of the security aspects of network, hardware and software technologies.
- Experience of case management and workflow systems.
- A strong and demonstrable knowledge of PCI-DSS requirements and the ISO27001 standard and experience of working within a certified business including developing, documenting and implementing information security policies.
- Experience of working within a structured change control process.
- Ability to deliver technical solutions across the following technology areas:
  - Microsoft Windows Server, Web Technologies, Microsoft SQL Server, Networks, Unix, Exchange Server, Informix Dynamic Server, Microsoft System Center, Microsoft Hyper-V, NetApp, VOIP / Telephony, Firewalls, IDS/IPS
- Demonstrable experience in the selection, configuration and implementation of Information Security technologies including encryption, network security, intrusion detection, Email and Web Data Loss Protection
- Experience performing vulnerability and risk assessments using a variety of tools
Day to day responsibilities will include:
- Model company values in personal work behaviours, decision making, contributions and interpersonal interactions
- Line management responsibility for the group Information Security strategy, compliance and governance.
- Lead change management and risk management efforts relating to Information Security issues, including developing plans to ensure timely completion of projects.
- Analyse the state of security within the organisation and develop, communicate and optimise a roadmap to address challenges
- Ensure a stable, secure IT environment that responds to the needs of internal and external clients
- Ensure all IT systems and processes meet the required levels of information security, including authoring IS policies and processes for the ISO27001 plan and for PCI-DSS compliance.
- Ensure all IS incidents raised within the IT department follow our current ISO27001 policies and processes.
- Provide lead input into responses to external and inter-company Information Security audits, including the completion of written questionnaires, face to face audits, and the review of and feedback upon proposed commercial contracts.
- Assist with undertaking the annual DR testing process and producing associated documentation.