IT Security Manager

Location
Surrey
Salary
Negotiable
Posted
23 Feb 2017
Closes
23 Mar 2017
Ref
HQ00076796
Contact
Mary Worthington
Clearance Level
SC
Sector
Construction
Job Type
Permanent

IT Security Manager

My client, a rapidly expanding construction company are currently looking for an IT Security Manager to take the lead on developing a security roadmap for the business. You will be confident working with technology as well as establishing the wider information assurance program. Initially you will be guiding the preparation for working towards ISO27001 and or Cyber Essentials certification. With board level buy in and lots of investment into their infrastructure this is an extremely exciting time to join the business, and really make a difference in their IT Security capability.

Role

  • Creation of an Information Assurance policy for the business - aligned with ISO27001/ Cyber Essentials.
  • Analyse and audit the security element of technical solutions, with the ability to relay results to technical and non technical teams.
  • Establish and enforce suitable and relevant information security policies & procedures, ensuring that these are compliant with the appropriate legislation and regulations related to information security.
  • Maintain Risk, Issue and Change registers for Information Security.
  • Report regularly into the board around security compliance and progress.
  • Review and manage the security 3rd party supplier's assurance to ensure they meet minimum recommended standards for the business.
  • Review of the existing IT infrastructure and service, reporting on and making recommendations to improve security in-line with the Information Assurance Policy.
  • Managing IT Health Checks / Penetration Tests

Requirements

  • Minimum of 8 years broad IT experience, at least 5 of which has been in an IT security role
  • Understand the commercial pressures in a private sector company
  • Experience working with:
    • SIEM, GDPR, DPA, Identity & Access Management, Monitoring, Data Loss Prevention, Network Access Control, IA policy and procedures development.
  • Excellent client facing, people and communication skills to work in highly demanding environment
  • Experience of developing, implementing and communicating technical and user information policies, including ISO27001:2013
  • CISSP/CISM
  • SC clearable

To apply for the role please send your CV to Mary.Worthington@sandersonplc.com. Or for more information call Mary on 01179145273.