Talent.com
This job offer is not available in your country.
Information Security Manager

Information Security Manager

City Facilities Management Holdings LtdGlasgow, GB
30+ days ago
Salary
£70,000.00–£85,000.00 yearly
Job description

Information Security Manager

Salary Competitive Location Glasgow Head Office Shift Pattern Days Hours per day

This is a Permanent, vacancy that will close in 15 days at 23 : 59 BST.

The Vacancy

POSITION OVERVIEW :

This role sits within the 2nd Line of defence, where you will lead and support the business, managing cyber risk and information protection positions effectively. Protecting the business from security threats, by identifying risks and developing appropriate risk migration plans. Providing senior leadership with independent assurance of their cyber risk and information protection posture.

The role will work collaboratively with 1st Line cyber team to ensure business assurance plans are shared and the requirements of 2nd Line are understood.

You will also take the lead in delivering a defined list of cyber assurance reviews, projects, and initiatives as well as achieving the cyber assurance and compliance related objectives. You will also help shape the City cyber security strategy for data security, monitoring and reporting, risk and threat assessment, incident response, business continuity and disaster recovery.

PRINCIPAL TASKS AND RESPONSIBILITIES

Monitor & Review

  • Contribute and maintain the current information security risk management framework, articulate risk in business terms, identify appropriate mitigation measures and drive their delivery to ensure the security of our information and services
  • Liaise with key stakeholders to prioritise technology, process and people-based security initiatives to mitigate risks identified and use continuous improvement principles to ensure the evolution of our information security delivery framework.
  • Contribute to the annual information security business plan including audits, tests, risk assessment activities and additions to the information security delivery framework, e.g. policy updates.
  • Identify relevant information security activities in response to changes in standards and regulations.
  • Liaise with key stakeholders to prioritise information security and compliance initiatives.
  • Perform security risk assessments and adversarial testing to establish proportionate risk advising of any relevant enhancements to the information security delivery framework.
  • Accountable for data security measures being in place to meet our policies.

Respond & Remediate

  • Responding to information security incidents in line with the appropriate standards and processes, meeting or exceeding agreed KPIs.
  • Following a regular timetable of security and data protection compliance audits and tests, taking appropriate steps to mitigate any risks discovered.
  • Assist with the development of City’s disaster recovery and business continuity plan.
  • Liaise with internal departments and external suppliers to identify and address Information Security related risks.
  • Initiate, facilitate and promote activities to foster information security and data protection awareness throughout City and its suppliers.
  • To advise on, and to maintain,
  • To be the first point of contact for supervisory authorities and for individuals whose data is processed (colleagues, customers etc).
  • To perform any activities relating to information security and compliance such as awareness-raising, training needs analysis, data migrations, security hardening, breach management and data protection based RFI.
  • Provide assistance in business development bids, PQQs and ITT responses.
  • Other duties deemed appropriate for the role and skillset.

    • Team Management

  • Input to and fulfil the development hiring plan for the team, including sourcing, screening, and interviewing
  • Hold regular 1-1s with all direct reports
  • Set team goals and technical direction while ensuring that they align with the goals of the Technology and Information Security roadmaps
  • Set personal goals for each team member as well as direction while ensuring they are aligned with team goals
  • Implement effective engineering processes and policies that emphasize quality and forward progress
  • Deputise for the Head of Information Security

    • KNOWLEDGE, SKILLS & ABILITIES

    Essential

  • Degree level qualification or equivalent experience in Cyber risk management and information protection
  • Cyber security essentials
  • ISO 27001
  • NIST CSF
  • Strong Technical Background in Data Classification and Data Loss Prevention
  • Experience in information security governance, policy and procedure definition
  • Administration of Active Directory, Azure AD, Windows File Services, SharePoint &
  • Office 365
  • Implementation of Microsoft Purview and oversight of configuration.
  • Strong broad-based technical background (database, web-based application development, infrastructure etc.)
  • Strong risk-based analysis and decision making skills
  • Business sense
  • Communicate Up, Down, and Across All Levels of an Organisation
  • Pragmatic and flexible approach
  • Problem-Solver
  • Excellent interpersonal skills
  • Creativity

    • Desirable

  • CISSP, CRISC or CISM certified
  • EU GDPR
  • PCI-DSS
  • Cloud, Hybrid & Global Enterprise networks
  • Audit and risk assessment processes
  • Conducting audits, developing controls & risk assessments
  • Managing 3rd parties
  • Demonstrated ability to understand and analyse complex business processes and technologies to make sound recommendations to non-technical constituents

    • The Company

    In 1985, husband and wife Willie and Susan Haughey established City Refrigeration Holdings. The pair set out with one goal – to make a positive change in the facilities management industry.

    The Haugheys founded their enterprise on the values of collaboration and transparency, replacing client / contractor relationships with long-term, mutually beneficial partnerships. Each partner receives a unique strategy, shaped by the needs of the business and implemented by a bespoke, self-delivered model.

    It is this focus that has allowed the City Group to grow from its humble beginnings into one of the world’s most trusted facilities management companies. The business now employs over 12,000 people and has established divisions across Europe, Australia, North America and Asia. It has also diversified the services it offers to include maintenance and engineering, technical procurement and support, cleaning and ancillary services across retail, residential and commercial markets.

    Now more than three decades into its story, City remains rooted in the core values established by the now Lord and Lady Haughey and remains passionate about sharing its unparalleled professionalism, quality, customer service and value with partners around the globe.

    About City

    Our Benefits

    Documents