Head of Information Security. Reino Unido
Ofertas de empleo en Reino Unido de Directores y gerentes
Clasificación del trabajo: Directores y gerentes.
Descripción de la oferta de trabajo:
At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services.
We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services.
We are innovators, committed to redesigning and improving public services for the benefit of everyone.
Information Security Manager Justice and Immigration Contracts Midlands Based Salary £65,000 - £75,000 Car & Healthcare The Job Opportunity The ISM will take operational ownership and accountability of all information security management processes across a number of sites, ensuring certification and / or network accreditation to a standard which will eventually allow the whole of J&I to be certified and within certification scope.
The ISM will also be raising and managing any information security incidents raised within the sites they support, including holding the role of Data Protection Champion for the sites under the new GDPR legislation.
There is no current resource(s) in place across the J&I arena specifically dedicated to information security, with the implementation of GDPR and the re-bid of contracts over the next few years, Serco need to be able to demonstrate compliance with GDPR and contractual requirements against security standards and accreditations as detailed in customer contracts.
Daily Duties Involve The Information Security Manager will be required to take operational ownership of all information security management processes across a number of sites, including: Information security risk management.
Information security incident management.
Information security assurance activities.
Establishment and management of an Information Security Management Forum Support the ICT system accreditation to HM Government standards.
Hold the role of DPC for GDPR compliance reporting Support a variety of projects and design activities, including: security factors such as HMG policy and good practice, assurance requirements, technical requirements, recommendations of security technologies and controls, physical security requirements, Personnel and / or procedural requirements.
Body Worn cameras.
Provide support to security management functions in order to maintain the existing compliances, including system accreditation, ISO27001 and HMG security controls.
Adopt a proactive approach to security management and security assurance coordination, ensuring smooth running of scheduled activities (pen-tests, security documentation review) and gaining the trust of key stakeholders (including customer representatives and accreditors).
Engage with external audit and assurance providers, including IT Security Health Check suppliers, scoping test plans and helping stakeholders interpret the results of the tests and audits, as well as supporting the implementation of any remedial actions, where required.
Implement the Business Unit Information Security Policy and related processes and procedures in line with ISO27001 and Government policies.
Undertake gap analyses against formal security frameworks (particularly ISO27001), reporting on areas of deficiency and producing remedial action plans (where appropriate).
Manage incident response and conduct investigations to understand the source of security breaches, assess and contain damage and devise measures to protect against future breaches.
Drive a culture of information security and GDPR compliance awareness and ensure compliance with policies, legal and regulatory requirements.
Maintain all relevant documentation relating to information security and risks.
What we are looking for in our candidates ISO27001:2013 Lead Auditor / Lead Implementer Relevant security qualification eg: CISM / CISSP / CISA Strong knowledge of ISO 27001:2013 and GDPR Experience working with an ISO 27001:2013 certified management system Strong knowledge of current Information Security threats and trends Exceptional communicator to all levels of the organisation Experience of training personnel with different competencies Strong stakeholder management and organisation skills Experience of internal auditing Works collaboratively with a range of people to support the wider business needs Ability to work un-supervised and deliver on time Ability to think pragmatically, methodically and logically Ability to make informed decisions On occasion we receive significantly more applicants than expected for some vacancies and under such circumstances we reserve the right to bring forward the closing date of the advertisement.
We therefore strongly advise you to apply for the role promptly to avoid disappointment should the closing date be brought forward.
Serco is a Disability Confident Employer committed to employing and retaining people with disabilities.
Disabled applicants who meet the minimum criteria for the job will be given the opportunity to demonstrate their abilities at an interview.
For help with your application please contact 0345 010 4000.
País del trabajo: Reino Unido.
Número de puestos: 1.
Tipo de puesto: Contratación directa.
Tipo de contrato: Jornada completa.
Empleador: Serco Limited.
Instrucciones para solicitar:
Identificador de la vacante:2201926.
Ver las 946 ofertas de trabajo de Directores y gerentes ofertadas.
Ofertas de trabajo similares:
- Customer Service Operative L1. Reino Unido, 18 Ago. 2019.
- Customer Service Asst Nights. Reino Unido, 18 Ago. 2019.
- Store Manager. Reino Unido, 18 Ago. 2019.
- IT Project Manager. Reino Unido, 18 Ago. 2019.
- Customer Service Supervisor. Reino Unido, 18 Ago. 2019.
- Sales Administrator. Reino Unido, 18 Ago. 2019.
- Counter Balance FLT Driver. Reino Unido, 18 Ago. 2019.
- Customer Service Asst. Evening. Reino Unido, 18 Ago. 2019.