Infosec Manager

Description:

Our client is looking for an Infosec Manager with experience of implementing ISO 27001 the Information Security standard up to and including getting the certificate for it. The successful candidate would be responsible to internal security audit as well as assessing supplier security compliance, with GDPR on their portfolio. Experience of working within the healthcare industry would be a strong advantage. Requirements Reviewing and developing InfoSec strategy

Develop the ISMS to meet with UKAS ISO 27001 requirements

Manage all information governance and security policy, process and procedure documentation

Manage the risk assessment process and maintain the risk treatment plan (RTP)

Manage the internal and external audit process

Manage the security elements of the supplier onboarding process

Providing specific control definitions, objectives and evidence required for compliance to frameworks i.e. ISO27001, GDPR/DPA ’18, PCI DSS and Cyber Essentials.

Gather/generate evidence of maturity and KPIs

Liaison with clients or suppliers as required representing security program elements.

Chair/facilitate (as appropriate) Risk/Security Forum meetings, create their ToRs and prepare meeting minutes

Conduct stakeholder workshops to review InfoSec activity progress, obstacles and propose solutions.

Delivering projects/tasks which may fall under the scope of the ISM role.

Liaise with DPO on InfoSec related queries

Work with other areas of IT to ensure Information Governance and Security policies are enacted and documented

When applying for a job, do not provide bank account details or any other financial information. Never make any form of payment. WhatJobs is not responsible for any external website content. Report this job