Information Security Manager

Information Security Manager
Nottingham
£65,000 - £70,000 + benefits

An Information Security Manager is required for this independent regional UK law firm is known for its highly effective solutions to clients’ complex needs within selected markets which include the largest public and private sector organizations, alongside SMEs and high net worth individuals. This is a critical and pivotal role, ensuring information security risks are managed effectively.

Key Responsibilities of the Information Security Manager

• Leading the development and implementation of information security strategies and initiatives within the IT department.
• Collaborating with IT colleagues to ensure regulatory obligations and information security risks are managed effectively, particularly in areas of innovation, data usage, and project development.
• Aligning information security and data protection policies with IT operations and business strategies, ensuring compliance with ISO standards.
• Providing expert guidance and developing training programs to enhance information security awareness across the firm.
• Conducting risk assessments related to information security and data protection and reporting findings to executive management.
• Supporting internal and external audits, ensuring effective and timely remediation actions.
• Assessing client requirements and high-risk suppliers/ third parties for information security and data protection compliance.
• Advising on incident and breach management related to information security, including escalation, mitigation, and reporting.

Key Skills and Requirements of the Information Security Manager

• Strong leadership in driving security initiatives within an IT operations context.
• In-depth knowledge of data protection legislation (Data Protection Act 2018, UK and EU GDPR).
• Expertise in information security controls, particularly ISO27001, and comprehension of technical IT concepts.
• Robust understanding of technical and organisational security controls, with a keen ability to evaluate and mitigate risks.
• Industry certifications such as CISSP or CISM are highly desirable.
• Exceptional communication skills, with the ability to convey technical issues clearly to diverse audiences.
• Strong relationship-building skills within the IT department and across the business.

Applications can only be considered from those eligible to live & work in the UK without restriction.

Harcourt Matthews is acting as an Employment Agency in relation to this vacancy. Our divisions include: Legal Operations (Legal Tech and Legal Project Management, LPM, Operations Project Managers, Change, Innovation and Process Improvement); Accounting & Finance (Part and fully qualified Accountants); Pricing & Strategy; Pfi/PPP & FM.

Harcourt Matthews is committed to diversity and inclusion. We value and encourage applications from all ethnicities and welcome everyone regardless of social background, disability, gender identity, and orientation. Diversity benefits us all and challenges our assumptions.

Keywords: information security, manager, management, technical, control

Ref: BHJOB3543_5807