Information Security Governance and Oversight Manager – UK Wide – up to £65K plus benefits (Flexible/Hybrid working)

This is a permanent role with a financial services organisation in the UK. Reporting to the Head of IT Security, the purpose of this role is to manage assigned areas of Information Security ensuring that adequate governance and oversight are in place to oversee the ongoing adequacy and effectiveness of the Information Security controls internally and externally. This position where required will participate in projects as the Information Security Subject Matter Expert and ensure security requirements are both built into business and technology solutions and continue to operate effectively in live production.

 

What you need to do:

  • Clear accountability and ownership to drive and maintain IS oversight and governance around IS controls.
  • Act as security subject matter specialist in the specification, design and assurance of projects covering the breadth of financial services.
  • Help support the delivery of Information Security projects.
  • Manage assigned aspects of Information Security, supporting relevant strategy, framework and assurance activity.
  • Support development of policies, standards, procedures and controls
  • Proactively support the delivery of Information Security improvements and annual plans
  • Monitor the regulatory and industry landscape to ensure that key requirements are understood and met
  • Develop best practice in relation to Information Security management and control, influencing colleagues at all levels across the business to understand and meet their data management obligations
  • Manage Information Security with key partners, ensuring that emerging threats and improvements/changes to control frameworks are understood and reviewed/incorporated
  • Scan the internal and external threat horizon, ensuring that industry developments are monitored, managed and incorporated where appropriate
  • Support Supplier Assurance and Relationship Managers with input to third party Information Security due diligence, follow up and on-going assurance.
  • Utilise the Risk Management Framework to ensure that Information Security Risks are effectively managed and communicated within the organisation.

 

What you need to know and show:

 

  • Experience with technical security in some of; IT infrastructure security, IT security operations, application security, PCIDSS, physical security, security threat analytics
  • Knowledge of ISO27001/2, CISSP preferred
  • Good understanding of effective risk management and oversight
  • Well organised and able to prioritise workload in line with tight deadlines and work effectively under pressure
  • Highly numerate, with excellent analytical and problem-solving skills and attention to detail.
  • Excellent team player with ability to working closely with others to deliver results
  • Customer focused
  • Proven track record of working on own initiative, with the ability to introduce fresh thinking to the role and the wider team.
  • Demonstrate an ability to think and reason logically
  • Strong relationship management skills
  • Excellent written communication – both new concept and project assurance reports
  • Exceptional communication skills – ability to communicate effectively with anyone in any environment, e.g., able to translate complex / technical issues to meet the audience’s competency level
  • Experience of managing Information security in an outsourced IT and outsourced business environment would be beneficial.

 

This role is urgent in nature so please email your updated CV in word format to mitesh.fatnani@change-digital.co.uk or call 077 375 38 248 for more information.

Apply Now
  • Date Added: Monday, 13th June 2022
  • Closing Date: Monday, 11th July 2022
  • Job Code: 90074
  • Contact: Mitesh Fatnani