Job Ref: 204810433
Employer: cv-library.co.uk
Job Type: Permanent
Country: United Kingdom
County/State: West Sussex
City: West Sussex
Address:
Post Code: BN18
Salary: £45000 - £65000/annum
Post Date: 19/10/2016 02:27
IT Security & Governance Manager
Salary: Call for details
Location: West Sussex
We have a position for a skilled IT Security and Governance Manager to work for an engineering business in the West Sussex region. Work does not need to be based in this location and there will be flexibility on travel and working hours.
The IT Security & Governance Manager provides leadership, direction and guidance on IT security, controls, governance and audit. The role develops and implements IT Security & IT Governance frameworks, including on-going monitoring, continuous improvement and compliance activity, and is responsible for improving resilience against and recovery from IT risk events, including cyber-attacks.
* Articulate complex information security concepts, including external and internal threats, to senior executives and non-technical employees while accurately portraying real risks and threats to the company. Develop strategies and solutions to maintain an appropriate level of IT security.
* Design, implementation and operation of information security controls, supporting policies and technologies which allow the business to effectively and efficiently operate.
* Responsible for implementation & maintenance of any formal security certification the company may elect to attain, e.g. ISO 27001.
* Own and manage all Information Security Incidents, act as primary triage, providing clear and timely actions & information to stakeholders.
* Prepare, socialise and rehearse procedures (playbooks) to guide response to security incidents.
* Increase awareness of IT Security best practices, ensure policies & standards are widely communicated and embraced.
* Increase the maturity of the IT General Controls (ITGC).
* Create and maintain the IT Risk register, along with Risk & Controls matrix.
* Ownership of all audits, Improvements (RITs) and Internal Control Questionnaires (ICQ) affecting IT, ensuring they are prepared for and closed within agreed timescales.
* Achieve any other objectives set for the Technology function from time to time.
Comprehensive understanding of Information Security standards, technology, and threats, as well as experience with applicable regulatory and standards frameworks.
5+ years in an information security environment, identifying risks and proposing viable solutions. Deep and broad understanding of security, encompassing control technologies, policies and standards, risk and compliance, audit, data privacy etc.
An understanding and experience of applying and implementing the following: Platform Security, Data Security, Network Security, Perimeter Security, Physical Security, Security Assessment Tools and Security Monitoring Tools.
Preferable to have hands-on experience of IT management, including implementing IT best practices, and an understanding of the requirements of the ISO 27001 standards and their practical application.
CISSP / CISM or CISA qualification advantageous.
For more information or to apply, please call me on (Apply online only) or email