|Job Ref:||204747700||Employer:||cv-library.co.uk||Job Type:||Permanent||Country:||United Kingdom||City:||Solihull||Address:||Post Code:||B91||Salary:||£40000 - £45000/annum||Post Date:||07/10/2016 03:54|
Convergence Group has a unique opportunity available for a Security Compliance Manager to join the team in Solihull. The role is a full time, permanent position offering a salary of £40,000 - £45,000 per annum.|
Convergence Group was formed in 2004 to address the rapidly growing IP and network requirements of national and international business organisations. Convergence Group, ten years on, still only focusses on the design of scalable, cost effective, flexible, integrated network access solutions across the Wide Area Network (WAN).
As our Security Compliance Manager you will be responsible for managing all aspects of Security Compliance within Convergence Group including policies, processes and procedures.
What are the responsibilities of the Security Compliance Manager?
- Lead and develop the company's security governance program to prepare, support and manage the compliance processes ensuring the continued conformity and maintenance of our accreditations including: ISO27001, CAS-T and PSN (Public Sector Network)
- Manage the ISMS system for all policies, processes and procedures within the business in-line with the ISO27001, CAS-T and PSN standards
- Maintain current accreditations, assess current state in readiness for external audits and close any gaps as necessary
- Conduct risk assessments across the company departments, business units and operational locations and maintain the Security Risk Register.
- Co-ordinate the internal audit program to ensure adherence and internal security compliance against relevant standards
- Audit policies, procedures, standards & practices ensuring consistency across the business, together with ISO27001 / CAS-T and PSN standards, Risk Management & Continuous improvement processes.
- Monitor and track any issues arising from external or internal audits and ensure actions plans are put in place and timeframes for changes are met
- Review the Information Security Manual and associated documents and suggest amendments and updates as and when required (taking into account any standard and / or legislative changes).
- Arrange and chair the ISC (Information Security Committee) meetings and manage actions arising from the meetings
- Assist with the data security aspect of third party due diligence questionnaires, undertake supplier audits on site, support on site client audits on items directly relating to data security.
- Co-ordinate and deliver security awareness and compliance training within the business as necessary
- Provide accurate and timely reporting to assist in the planning and management of operations
- Work closely with all departments to drive through improvements as part of a continuous improvement program
What skills do I need to have to become a Security Compliance Manager?
- Experience with ISO27001 and / or ISO27002 compliance
- Good understanding of Risk management and able to manage a risk register
- Any experience with other regulatory controls including: ISO9001, ISO14001, ISO20000, CAS-T, PSN, etc. would be advantageous
- ISO27001 Lead Auditor qualification beneficial
- Any information security qualifications such as CISSP or CISA desirable
- Knowledge of current ISO27001 standard
- Knowledge of CAS-T or PSN would be desirable
- Good understanding of the regulatory requirements for the Telecoms sector would be beneficial
- Working knowledge of ISO Management systems such as ISMS, BMS etc.
- Auditing and risk management experience
- Working knowledge of compliance/auditing techniques
- Excellent verbal and written communication skills, including the ability to prepare documentation, policies, and build consensus across a broad group
- Ability to interpret information security data and processes to identify potential compliance
- Ability to work effectively and organize priorities independently
- Ability to clearly and effectively communicate information security and compliance matters as well related risks to executives, auditors, and end users
Why not click 'apply' today? Don't miss out on this opportunity to join one of the largest data network work suppliers as our Security Compliance Manager.
This profile is not an exhaustive list of the activities that the role holder may be required to undertake. The Company may require the role holder to perform other duties as deemed necessary to fulfil the requirements of the role. All employees are subject to BPSS