As an involved manager and a key decision maker, the Information Security Manager will lead the operational delivery and evolution of all information security systems through a business-aligned strategy.
- Manage the establishment, implementation, monitoring and adherence to policies and procedures that support all internal and external security areas of Technology
- Ensure that Security systems, infrastructure and stored data are secure against internal and external threats and position effective and appropriate measures for risk management and information security
- Formalize and publish appropriate Information Security policies to ensure key risks are identified and minimized, and security incidents are managed appropriately
- Assist the Data Protection Officer in ensuring the company's adherence to the requirements of the Data Protection Act
- Major contributor to the development of the company Business Continuity strategy and implementation
- Accountable for the performance of the Information Security team, achieving best value, and continuous improvement in service delivery
- Raise awareness and ensure appropriate 'Security Culture' is in place. Design and deliver internal staff training
- Lead annual PCI-DSS audit and assist in other Information Security audits that the company may be subject to
- Collaborate with different stakeholders, technical and non-technical, to work out best possible solutions.
- Coordinate regular internal and external penetration testing, to identify technical vulnerabilities and define remediation measures.
- Minimum of 5 years' experience in an information security (or similar) role
- Work experience in a PCI-DSS or ISO27001 compliance environment is preferred
- Understanding of security components such as firewalls, URL filters, end-point protection, monitoring, alerting, audit, and logging systems among others
- Working in an IT team in a company with operations across multiple global locations
- Ability to undertake international travel upon request