Information Security Manager

Job Description:

Our client, a leading financial services firm based in Newcastle, is looking to recruit an Information Security Manager to join on an initial 3-month fixed term contract.

The successful candidate will lead information security for the firm, ensuring corporate and client data is protected and compliant with legal and internal standards.

• Proven track record of implementing information security practices within a large and diverse organisation.


• Evidence of competency in the creation and implementation of Information security solutions, procedures and practices.


• Solid technical knowledge and experience on security technologies (like Endpoint protection, Mobile Security, Data Protection, Cloud Security, etc.) and on cyber security capabilities (SIEM, SOC, CERT, Vulnerability Management, Threat intelligence etc.)


• Strong knowledge of main Information Security standards and framework (ISO27001, ISO22301, ISF, NIST, COBIT.)


• Good background in information management, with clear understanding of the challenges of Information and IT security.


• A good understanding and experience of implementing information security within cloud-based environments.


• Experience and skills in the project management of corporate Information security projects.


• Excellent oral and written communications skills, as well as ability to present and explain information security in a way that establishes rapport, persuades others, and gains understanding across the organisation.


• Certifications on Information Security (e.g.
  
  CISSP, CISM, ISO27001, ISO22301 etc.) beneficial.

• Provide consultancy across the business (UK & Internationally as required) to ensure relevant and appropriate information security controls are applied to ensure both the departmental and business objectives are met.


• Liaise with management and business users, to understand business goals, priorities, and information needs, and to recommend information security practices and solutions in line with business requirements.


• Manage security assessments, based on leading information security standard ISO 27001:2022.
  
  This includes oversight on physical & corporate security, in alignment with the local facility teams.


• Ensure alignment of solutions to the corporate and divisional strategies by balancing the business requirements with the security constraints and risks.


• Liaise with the various business units across the firm to ensure our business processes are conducted in a safe and secure manner and meet our business requirements.


• Keep abreast of the current security threat landscape and provide relevant and up to date guidance on proposed information security risks to the business.


• Keep abreast of developments in IT and Information security and offer guidance and consultancy to ensure both suitability and sustainability of IT and Information security strategies.


• Understand and ensure compliance to relevant legislation and corporate policies in relation to information security (e.g.
  
  GDPR, OFGEM requirements).


• Provide a Risk Management approach to ensure Information security solutions and controls are commensurate to the business risks and risk appetite.


• Develop and maintain an information security strategy in alignment with the firm's strategy.


• Ensure the relevant policies, plans and procedures, in relation to business continuity and crisis management, based on firm requirements, are developed and applied to minimise disruption to the business in the event of an incident occurring.


• Liaise with internal staff and external companies to ensure optimum solutions are chosen.


• Ensure compliance & adoption of corporate and local policies and security standards.


• Escalate risks and issues to the appropriate levels and ensure a timely resolution to actions raised.

Core-Asset Consulting is an equal opportunities recruiter and we welcome applications from everyone irrespective of age, disability, gender, gender identity or expression, race, colour, ethnic or national origin, sexual orientation, religion or belief, marital/civil partner status or pregnancy.

Job reference: 16123

To apply for this vacancy applicants must be eligible to work in the UK in accordance with the Immigration, Asylum and Nationality Act 2006.

At Core-Asset, we're committed to protecting and respecting your privacy.

Our privacy statement explains when and why we collect personal information about people who engage with our services, how we use it, the conditions under which we may disclose it to others, and how we keep it secure.

We may change this policy from time to time, so please check this policy occasionally to ensure that you're happy with any changes.

By engaging with us (either by applying for a job we're advertising, registering through our website, or getting in touch with our business) you're agreeing to be bound by this policy.

Core-Asset Consulting is committed to protecting the privacy of our candidates, clients and website users.

For further information, please refer to our full Privacy Statement available on our website http://www.core-asset.co.uk/about-core-asset/privacy-statement

Core-Asset Consulting offers specialist recruitment services to asset management, accounting & finance, asset servicing, legal and the wider financial services sector in Scotland.

INDCAS