Information Security Compliance Manager

  • Location

    Birmingham, West Midlands

  • Sector:


  • Job type:


  • Salary:


  • Contact:

    Aaron Madray

  • Contact email:

  • Job ref:


  • Published:

    6 months ago

  • Expiry date:


Infosec Compliance Manager - Midlands- SC Clearance Permanent Role

Our client is looking for an Infosec Compliance Manager to lead on the maintenance, development and implementation of a group level information security management system and supporting compliance policy framework.

Key responsibilities;

  • Development of a Group-level Information Security Management System, aligned with the requirements of ISO27001 and the ISF's Standard of Good Practice.
  • Implementation and maintenance of an information security policy framework (policy, standards and guidelines), reflective of statutory, regulatory and contractual security requirements.
  • Co-ordination of information security compliance activities that serve to protect Interserve's information assets and information systems, including security controls implemented at Group level.
  • Maintenance of the Group's information risk register consisting of asset, threats and vulnerabilities, including likelihood and impact, providing information to Divisions as required.

Technical Expertise -should include more than one of the following;

  • Educated to degree level, preferably in computer science or related discipline or related experience
  • Must have one or more of the following active certifications or equivalent industry experience: CISA, CISSP, CEH, ISO27001/2 Implementer / Auditor.
  • An understanding of Governance, Risk and Compliance and its application within a large, complex organization.
  • Minimum of 3 years demonstrable experience in information security, with a focus on management systems, policies, standards, architecture and technologies.
  • Understanding of defence in depth principles.
  • Solid understanding of information security risk management including risk analysis, mitigation, resolution and acceptance.

Desirable skills;

  • Understanding of HMG SPF, JSP440, GPGs, List-X Notices.
  • A sound knowledge of leading-edge risk management processes and technologies, including IRAM1 / 2.
  • Other related certifications such as ITIL and/or COBIT

This is an opportunity to provide key direction in a growing cyber-security function and implement continuous improvement throughout the organisation and the wider group.

Interviews are taking place immediately, to be considered please send your up to date CV ASAP

For more information or any questions, please call Aaron on 01619 924 1382