Our partner's product is a next-generation data intelligence solution delivering cost-effective, machine-learning-powered Business Intelligence as a Service.
Their vision is simply to create an easy-to-use but automatic insights platform utilising machine learning with Smart Alerting. They are committed to providing automatic insight through anomaly detection and deep learning, while providing for an open and collaborative platform.
The information security manager role is responsible for the implementation, day-to-day management and continual improvement of the information security management system.
The requirement is to blend and operate an effective governance framework that addresses and meets the requirements of ISO 27001, SOC, PCI DSS and all legal and regulatory requirements including but not limited to the GDPR and Data Protection Act 2018.
What you'll do:
- Building, leading and managing the information security strategy for the organisation.
- Maintenance, improvement, audit and appropriate communication of all information security management system documentation, processes and procedures.
- Co-ordination, completion and management of all third-party supplier, client and external certification body audits and questionnaires.
- Building, executing and conducting a programme of communication, training and awareness for information security.
- Managing, running and chairing the information security management meetings.
- Owning, populating, managing and reporting the information security risk register and risk management process.
- Owning, writing, communicating and testing the business continuity plans.
- Owning, reporting, analysing and driving continual improvement from information security related incidents.
- Conducting internal audits of the information security governance frameworks, including but not limited to the ISO 27001 and ISO 27002 controls.
- Providing information security expertise and guidance to projects and where appropriate taking on information security related project tasks.
- Being the point of contact for all required external bodies including but not limited to the UK Information Commissioner for Data Protection.
- Ideally hold one of CISSP, CISA, CISM
- To have at least 3 years relevant industry experience in an information security manager role
- To consider certified ISO 27001 lead auditor / implementer qualifications
- A technical / engineering background.