Information Security Manager
The Information Security Manager (ISM) will play a critical and highly active hands-on role within the College in the preparation and delivery of a suitable and robust information security programme that identifies and addresses security and privacy risks. In addition, the ISM will:
- Take responsibility for managing the process of gathering, analysing, and assessing the current and future information security and privacy threats to the College, as well as maintaining and monitoring information security best practices as they develop.
- Provide overall leadership for and oversight of the development, operation and continuous improvement of the information security processes, procedures, policies, documentation, and guidance which comprise the College’s information security management systems and ensure compliance with appropriate standards.
- Build strong working relationships with senior stakeholders and colleagues across ILTS based on a collaborative, productive, and highly flexible approach in the delivery of services and solutions and will be expected to move rapidly at times to deliver multiple and competing projects and tasks.
- Work with senior stakeholders across the College to drive the information security agenda and ensure that it meets complex information security demands and will act to ensure that security controls are incorporated into all projects at the design stage and that expectations are clearly defined and agreed.
The ideal candidate will be educated to degree level or equivalent with a relevant professional industry qualification or equivalent experience. You must have excellent interpersonal, organisational and communication skills with a high degree of tact and diplomacy. In addition, it is essential that candidates have:
- Knowledge and experience of assurance frameworks and models such as Cyber Security Essentials, ISO27001 and ISO27002
- Proven experience of supporting the identification, assessment, analysis, and management of risk in the field of Information and Cyber Security
- Proven experience of developing and supporting information/cyber security across a multi-site multi-discipline environment within a diverse user community
- Proven experience of developing and implementing a range of appropriate security policies and best practice procedures
- Substantial proven experience and knowledge of dealing with digital forensic investigations related to breaches of network security
- Significant knowledge and understanding of current and emerging security policies, regulations and legislation with a particular emphasis on GDPR and other emerging policies and guidance from bodies such as NCSC which may affect the College
- An ability to lead and develop internal networks, actively seeking to build productive and enduring relationships between teams to strengthen working relationships and foster collaboration, influencing events or decisions
Interviews and assessments are scheduled for week commencing 6 September 2021.
Further details: Information Pack