Our client is looking for an Infosec Manager with experience of implementing ISO 27001, the information security standard, up to and including obtaining certification. The successful candidate would be responsible for internal security audits as well as assessing supplier security compliance, with GDPR in their portfolio. Experience of working within the healthcare industry would be a strong advantage.
Review and develop InfoSec strategy
Develop the ISMS to meet UKAS ISO 27001 requirements
Manage all information governance and security policy, process and procedure documentation
Manage the risk assessment process and maintain the risk treatment plan (RTP)
Manage the internal and external audit process
Manage the security elements of the supplier onboarding process
Provide specific control definitions, objectives and evidence required for compliance with frameworks such as ISO 27001, GDPR/DPA ’18, PCI DSS and Cyber Essentials
Gather/generate evidence of maturity and KPIs
Liaise with clients or suppliers as required, representing security program elements
Chair/facilitate (as appropriate) Risk/Security Forum meetings, create their ToRs and prepare meeting minutes
Conduct stakeholder workshops to review InfoSec activity progress and obstacles, and propose solutions
Deliver projects/tasks which may fall under the scope of the ISM role
Liaise with DPO on InfoSec related queries
Work with other areas of IT to ensure Information Governance and Security policies are enacted and documented