Job Title: Information Security Manager
Location: UK-London / Slough
Job Type: Full Time
The Information Security Manager will support Advanced 365 and its clients, acting as a consultant and subject matter expert to meet the requirements for maintaining standards, policy and governance. This will address the organisations contractual obligations to its clients and successfully maintain the organisations requirements for against official standards such as ISO27001.Main Duties and Responsibilities
- Active involvement and the continued improvement on standards, policy and procedures.
- Ensure compliance with the companies audit requirements.
- Ensure client contractual obligations such as security requirements or associated audit requirements are met.
- Participate in infrastructure and application project teams providing consultation as new clients are taken on.
- Perform Security Risk Assessment as part of discovery / project initiation and perform Security reviews of designs and implementations as required.
- Perform vulnerability and penetration testing on new and existing client environments.
- Assist internal systems with protecting the integrity of internal assets.
- Responsible for staying abreast of cyber security threats and vulnerabilities that could threaten the integrity of systems.
- Work with all teams to ensure the integrity of Advanced and client endpoints.
- Report on security incidents and breaches with recommended remediation.
- To assist in the deliver awareness training to internal colleagues to an agreed schedule.
- Proven ability to work creatively and analytically in a problem-solving environment.
- Self-motivated – personal drive and enthusiasm to continually improve and provide the best in all situations and able to readily embrace change.
- Clearly demonstrates behaviour and attitude which contributes towards achieving and supporting the company and operational objectives.
- Capability and willingness to accept and adapt to a changing environment and adjust behaviours accordingly, taking account of differing factors, perspective and views.
- Confidence to accomplish job requirements and positively welcomes feedback for continuous improvement.
Knowledge and Experience
A solid understanding of Security and Compliance, gained either through education or relevant work experience, in one or more of the following areas
- Knowledge gained through working in a controlled information systems environment.
- A good all-round knowledge of IT systems, platforms, networking technologies.
- Experience in working in teams and being independently motivated to be self-sufficient.
- Some experience of operating within the ITIL framework for service delivery.
- Working in a fast paced operational environment requiring a degree of change tolerance.
- Experience in implementing and managing ISO/IEC27001:2013 frameworks
- Having exposure to a broad range of organisational functions and gained some experience in an end-to-end business environment.
- Experience with Vulnerability Assessment and Vulnerability Management
- Desire to work in an information and compliance system team.
- Experience with both security & operational tools and products used in a service delivery organisation.
- Good knowledge of auditing in relation to technology platforms, customer service delivery, service desk, procurement, asset management, project delivery, data centres & sales areas.
- Good knowledge of security and auditing in relation to technology platforms such as Microsoft Active Directory, UNIX/Linux, Network Security (Cisco), Databases (SQL/Oracle).
- Good knowledge of networking products (IDS/IPS, Firewalls, Routers)