Job Description:
Information Security Manager
12 month fixed term contract - PAYE not Ltd
Salary and great benefits
Our Global Pharmaceutical client is looking for an extremely capable, reliable and experienced Information Security Manager to join the extensive ICT team in Hatfield.
Primarily you will be responsible for establishing and maintaining Information Security policies, standards, procedures, information security management system (ISMS) and tools in accordance with ISO 27001, with the ultimate organisational aim of obtaining ISO 27001 certification.
You will act as the Subject Matter Expert for Information Security matters, provide a view on Information Security risks and deliver mitigation plans to assure Information Security and compliance across ICT and business operations.
To be considered for the role:
Certified Information System Manager (CISM) certification is essential. Additional Certified Information Systems Auditor certification is advantageous.
ISO 27001:2013 Lead Implementer certification is essential.
Additional ISO 27001:2013 Lead Auditor certification is advantageous.
Demonstrated experience in an Information Security, IT Governance, Risk and Compliance based role and extensive experience of information security management and/or security awareness is essential.
In-depth expert knowledge of industry standard frameworks and best practices - ISO 9001:2015, ISO 27001:2013, ISO 27002:2013, ISO 27005:2018, ISO 31000, SANS, NIST and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to.
Experience of implementing, managing and maintaining compliance with ISO 27001:2013 and other information security industry standards and best practices.
You will be developing, implementing, managing and maintaining Information Security policies, controls, standards, guidance, processes & procedures and auditing compliance & risk management.
Knowledge & experience of developing and performing information security due diligence and risk assessments of third party organisations based on IT control frameworks such as ISO 27001 and ISO 31000.
Practical experience of conducting gap analysis, testing information security processes, procedures, plans and leading audits to achieve compliance with Information Security standards.
Experience in implementing and managing effective ISMS tools and solutions to address Data Encryption, Data Loss Prevention (DLP) and Data Privacy concerns.
Practical experience of establishing and maintaining data classification standards within a corporate environment, with experience of managing compliance, privacy or security incidents and breaches.
Experience of project managing Information Security, Data Protection & Compliance initiatives and executing Information Security awareness training across multi-business units. Ensuring corporate compliance with UK/EMEA data protection legislation such as DPA and GDPR whilst working with external service providers.
Excellent business/customer-facing experience.
Strong knowledge of legal, technical and assurance principles relating to information security and UK/EMEA Data Protection law and its implementation within a corporate environment such as DPA and GDPR.
Ability to identify, analyse, understand and translate Information Security/Data Protection requirements into pragmatic solutions.
PLEASE NOTE THIS IS A FIXED TERM CONTRACT PAYE, NOT LTD DAY RATE
For a confidential discussion on the above opportunity or other similar roles please call Rosie on 01707 247259 or email;
Gi Group Pharmaceuticals provides a tailored Account Managed Service and dedicated Pharmaceutical recruitment team and partners with many different Pharmaceutical and Biotechnology clients throughout the globe and the United Kingdom.
To view a copy and to help you understand how we collect, use and process your personal data please visit https://uk.gigroup.com/privacy