Evolution Jobs

Information Security Manager

Information Security Manager

Job TypeContract
Real Time Recruitment Solutions https://www.rtrs.co.uk

Position – Senior Information Security Manager
Contract Length:  – 12 months with possible extension beyond that period
Location: – Various locations available including London, Manchester, Leeds office / Hybrid and WFH arrangements available.
IR35: Inside
Pay Rate to Candidate:  £1000 per day – Umbrella Company OR PAYE equivalent
Security Clearance – UK BPSS / SC Security Cleared


Minimum Requirement:
– Ms Project, Excel, Power Point and Power BI is required for this role
– Presentations skills including design and delivering presentation to senior and knowledgably audience
– Technical background with experience using at least 3 of listed frameworks (please see the job spec)
– Senior stakeholders engagement
– Writing experience on senior level incl. writing business case, risk assessments, projects & programmes planning,
– Data analysis experience and providing recommendations for the decision makers
– Agile and waterfall experience

Security Clearance: BPSS to start but have to eligible & willing to undertake SC clearance after start
CV Deadline: Friday 22-04-22 by 2 pm
Interview Process: Teams, candidate will be likely to ask to prepare and deliver a presentation to the panel, competency based interview including technical questions.

The role overview:

This is a senior position within one of the largest HMRC departments. Their current staff headcount is 82,000, and they are responsible for financial forecasting that supports the UK’s economy. We are looking for an Information Security Manager with experience in Business Continuity.

The ideal candidate should have a background of working in both the public and private sectors with a flexible and hands-on attitude. However, we welcome candidates with only private company experience if they work in a large business/department and match all the criteria listed below.

Qualification: Holds an undergraduate and/or Master’s degree in Information Security, Technology or Cyber related field; GDPR Practitioner Certified; CISSP; CISA, ISO27001 ISMS; Lead Auditor; SABSA; GIAC or equivalent

– Extensive experience in information security, GDPR/DPA Implementation, cyber security and/or security audit/assurance

– Delivery focused in fast paced environment:
? A self-starter with excellent delivery record gained in large programme and project environment
? Experienced in working in both waterfall and agile discipline and can demonstrate continuous development on delivering products, services and activities
? Ability to develop plans, prioritise, creating roadmaps and maturing operational service/activities

– Experienced in designing, developing options and architectures (e.g. security, service, business and or data architecture) in large programme or projects.
– Proven record in embedding DPA compliance, using GDPR/DPA and frameworks such as the ICO Accountability Framework.
– Proven track in using standards and frameworks in security and Business Continuity Management (e.g. ISO27001, IS022301, NCSC Cyber Assessment Framework)

– Proven record in data and security risk management, including the development and production of (but not limited to):
? Data Protection Impact Assessment (DPIA)
? Security Risk Assessments (SRA)
? Mitigation / remediations plans
? Risk Appetite / Tolerance statements
? Records of Processing Activities (ROPA) – data mapping
? Frameworks, policies, procedures, guidance and best practices in the topics of information management, GDPR/DPA and security

– Proven business resilience/continuity and incident response & management products and process development, including (but not limited to):
? Business Impact Assessment (BIA)
? Business Continuity Plans (BCP)
? Communication Strategy Plans
? BCM Framework
? Forming and/or running a Gold/Silver/Bronze Command functions
? Policies, procedures, guidance and best practices in the topics of information management, DGPR/DPA and security

– Proven working knowledge of Microsoft/ AWS products, including SharePoint/Azure/O365, desirable: technical or architectural understanding of Ms cloud services
– Experienced profession in writing with clear and concise reports, business cases / planning, target operating models, analysing and producing management information (e.g. statistics) for senior management reading purposes
– Excellent communications, writes and presentation skills with the ability to communicate to senior stakeholders often at Board level roles
– Ability to develop and run effective governance and working groups