Information Security Manager – Digital
We have an exciting opportunity for an Information Security Manager within Digital, based in Holborn.
The purpose of the role is to manage the security of information and systems across digital, supporting the business in understanding and implementing effective Information Security controls and effective risk and compliance management within business risk appetite.
Whitbread is the UK's leading hospitality company in the FTSE 100, including brands such as Costa Coffee, Beefeater & Premier Inn. By 2020, our goal is to achieve global system sales of around £2.5bn for Costa, and to increase the number of Premier Inn UK rooms to an incredible 85,000. All while creating around 3,000 UK jobs a year and continuing to expand our presence worldwide. There has never been a more exciting time to join Whitbread!
What you will be doing:
- Support the Information Security and Information Systems communities, managing Information Security for the group, requiring close relationships to be built with business stakeholders and external 3rd Party service providers or vendors.
- Managing delivery of business aspects of Security Improvement Projects so that expected outcomes are delivered.
- Supporting the business and information security practice in the effective implementation of security controls and risk management practices.
- Working with the business and information security practice in the development of Information Security breach / incident management process.
- Supporting the business and information security practice in the resolution of issues identified during external and internal audits.
- Accountability for implementation of Data Protection controls for the business unit such that the risk of a loss of data is reduced to acceptable levels.
- Ensuring effective planning and delivery of Information Security by I.S. and business resources.
- Consulting and influencing to support shared objectives for risk reduction.
- Advising on supplier contracts and consulting on data protection implications.
- Consulting and advising Senior Business Stakeholders on Information Security impacts on business initiatives.
- Ensuring effective delivery of Information Security controls by working with 3rd Party service providers.
What we are looking for:
- Someone who is an Information Security Risk & Compliance subject matter expert
- Understanding of software development lifecycle
- Experience of ISO27001 and awareness of its benefits.
- Educated to degree level in relevant subject or equivalent experience.
- Achieved CISM, CISSP, CISA, ITIL or ISO certificate.
- Awareness of strengths and weaknesses of ISO 27001 and PCI controls and processes.
- Previous experience working as an Information Security Manager and liaising with senior stakeholders.