Information Security Manager - Architecture
Posted on May 6, 2021 by CV-Library
Information Security Manager - Architecture - Major UK Financial Services Organisation - Perm
Fantastic opportunity to join one of the most trusted names in the UK insurance sector as Information Security Manager covering architecture and assurance. Working with a business where employees and customers are always at the core of their values and practices, you will be offered excellent opportunities to develop and progress your career, alongside a competitive salary and benefits package.
Working within the IT department of a major UK insurance organisation, you will report directly into the Head of Information Security and manage a small team of analysts who cover a range of work across architecture and assurance, ensuring security initiatives, controls and governance processes are implemented and remain adequate over time to protect customer, employee and company information from security risks. This will be a leadership role that will also involve some hands-on work, and the management of both internal and external stakeholder relationships.
Your duties as Information Security Manager will include but not be limited to the following:
Provide InfoSec assurance activities across the business change function, ensuring controls are correctly designed and implemented.
Review and comment on design artifacts such as conceptual designs, HLDs and LLDs
Provide a risk-based approach to project assurance, communicating residual risk to stakeholders.
Represent the information security department on all change, project and architecture boards
Design and deliver the Information Security assurance plan on an annual basis to confirm the ongoing effectiveness of security controls across the business
Responsible for the successful delivery of security controls for all high-risk projects
Help design and maintain the Enterprise Security Architecture Blueprint ensuring it remains fit for purpose and aligns with the evolving business strategy.
Communicate the Enterprise Security Architecture Blueprint and any other principles and standards to stakeholders as and when required.
Provide architectural oversight to projects ensuring adherence to the defined security standards
Assist in Information Security incidents as required, and where necessary, support Compliance and HR investigations into data breaches or systems misuse.
Provide security assurance on all changes to project initiatives and implement controls to manage risk
Effectively communicate the role of security within the business, developing effective mechanisms to disseminate information to stakeholders
The Successful Information Security Manager - Architecture
The successful candidate will have a strong background within information security, not necessarily within architecture, and have a proven track record of developing and managing others as this will be a key part of the role.
In-depth understanding of all security principles and underlying technologies and how they apply to technological and business solutions
3-5 years' experience working within Information Security or a related subject area, ideally in architecture and assurance
Demonstrable ability to design security operations, procedures, policies and assurance activities
Expertise in setting and managing stakeholder expectations and developing relationships
Ability to explain complex IT concepts to all levels of customer.
Previous experience of reporting, presenting and engaging with Senior Management within the business
Solid understanding of InfoSec governance frameworks such as ISO27001, COBIT, NIST 800-53
Ideally achievement of, or studying towards, an industry qualification such as CISM, CISSP
Exposure to relevant regulations including GDPR, PCI-DSS and the FCA rules.
Understanding of information security controls, in particular those relating to assurance, business process, governance, risk and education.
What's on Offer for the successful Info Security Manager
Competitive base salary depending on experience, coupled with a good benefits package, and a good degree of flexible working following the pandemic. Currently the role will be fully remote.