Information Security Manager (Infosec, Governance)

Interim Information Security Manager

Initial 3 month contract to start by the end August 2022

Negitiable day rate (Inside IR35) – Please enquire

Nottingham/Remote – Travel to Nottingham 3/4 days per week

A highly accomplished, Interim Information Security Manager is required with a broad InfoSec background – covering policy, technical and governance.

Must have demonstrable experience managing people and being part of a Management team.

You will be a a member of the IT and Change leadership team, managing a team responsible for Information Security and Data Governance risk management.

The role is a voting member of the Information Risk Committee representing 1st line of defence for Information Security and Data Governance risks.

Ultimately this role is to champion risk based management. It is responsible for education and communication of information security/information management related material, managing a team of specialist and acts across the business.

Qualifications:

• Hold Certified Information Security Systems Professional (CISSP)
• Risk Management Qualification – Desirable
• Data Governance Qualification – Desirable

• Information Security architecture
• Information Security risk management
• Technical security controls
• Vulnerability management
• Cryptographic controls
• Data Loss Prevention
• Cloud Security
• Security Incident Management

• A detailed understanding of relational database administration, networking concepts, Internet and e–mail technologies and their monitoring systems, data and message encryption, access control issues, Firewalls, vulnerability testing, operational good practice – including disaster recovery disciplines and techniques
• A broad and clear understanding of the potential impact of changes to any part of the computing and communications infrastructure and the need for effective fall back procedures
• Practical experience of managing organisation–wide Information Security Risks
• Experience designing security controls and embedding in to change initiatives
• As the jobholder is expected to liaise with personnel at all levels, excellent interpersonal and communications skills are essential
• Ability to write documentation clearly and concisely and to pass on the relevant technical information to both technical and non–technical staff.
• The jobholder needs a good knowledge of the disciplines and techniques for managing projects whilst also managing and scheduling smaller tasks ensuring that both types get completed to the correct timescale.
• People management skills including performance management practices
• Excellent Stakeholder Management experience
• An in–depth understanding of ISO 27001 and data protection regulation and how each element applies to the use of information technology