A leading medical firm requires an information security manager to enhance the overall security posture of the firm. The role will be centred around conducting gap analysis and recommending remediation to bring the firm in line with its risk appetite.
The role will require the continual development and review of internal procedures, leading ongoing adherence to policy and best practices, and the articulation of this to clients. The role will be responsible for the investigation of any incidents that contravene these guidelines and for ensuring that incidents are dealt with promptly and effectively. They will work in conjunction with various functions and departments to ensure employees are aware of cybersecurity issues, are trained in good cybersecurity practices and are practising safe/secure data collection, data transfers and storage.
- Act as the IT security manager for the firm operations and as the Local Data protection coordinator for GDPR.
- Provide an escalation/information and assistance point for business questions and queries around information security
- Monitor the organisation's networks for security breaches and investigate violations when they occur
- Help to design, implement, and maintain the organisation's cybersecurity plan, which is led by the Group operation
- Engage with Internal IT and systems to ensure technology roadmap and project alignment is in sync with enterprise information security goals
- Develop and direct implementation of security standards and best practices for the organisation
- Work with Operational owners and teams to identify and align process flows against best practice and client requirements
- Working with central and 3rd parties, direct the installation and use of security tools to protect sensitive information
- Recommend security enhancements to Management, and maintain an up-to-date knowledge of IT security trends
- Lead and participate in internal, external, and governing standard audits and tests.
- Serve as point for UK security breach investigations, reporting to the Director of Information Security and/or the CISO
- Take part in an annual staff appraisal
As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC. You will also have a proven track record of delivering in a similar role. Experience within heavily regulated industries is highly advantageous.
To apply for this job please visit www.cybersecurityjobsite.com.