Information Security Compliance Manager

December 10

Spring by Action for Children

childcare • early years • education • after school • early years professional

Description

• This is an exciting opportunity to join Action for Children as an Information Security Compliance Manager on a Permanent Contract.
• You will play a key role in leading the enhancement of robust incident and vulnerability management programs, while taking a proactive role in Information Security governance and technical implementations to establish and uphold best practices, ensuring full compliance.
• Providing Information Security consultancy, offering expert guidance for projects, solution design, changes, assurance, and the application of security policies, standards, regulations, and best practices.
• Conducting periodic risk assessments to identify potential vulnerabilities and threats.
• Managing the Information Security incident response lifecycle.
• Delivering regular security awareness training programs for employees to foster a security-conscious culture within the organisation.
• Proactively investigating emerging threats to the business and devising effective solutions to address them.
• Coordinating and overseeing both internal and external security audits and assessments.
• Supervising the management and supplier relationship of the Security Operations Centre.
• Playing a pivotal role in shaping the organisation's overarching security roadmap, supporting alignment to our organisational strategy.
• Leading and maintaining compliance with regulatory requisites, ensuring adherence to standards such as Cyber Essentials Plus, ISO 27001, and PCI DSS.

Requirements

• Hold an Information Security accreditation such as CISSP, CISM, OSCP in good standing, or relevant professional experience and willingness to work towards such certification.
• Proven experience working in an Information Security role, previously implementing information security controls across a range of technologies, e.g., Security Architect, or Security Project Lead.
• Experience of managing information security platforms and maintaining policies.
• Experience in management and coordination of security operations centre activities and vulnerability assessment methods, techniques, and overall management.
• Experience with common information security management frameworks, such as ISO 2700x, ITIL and COBIT.
• Confident understanding of modern cloud and network technologies and protocols and up-to-date knowledge of OWASP, NIST frameworks, GDPR, NIS, PCI-DSS, and NCSC cyber guidance.
• Knowledge of all threat areas (deliberate, accidental, internal, external) and understanding of Cyber Essentials Plus and similar government security standards.

Benefits

• 29 days annual leave PLUS bank holidays, with up to 5 additional days for continuous service and option to buy or sell leave.
• Gain professional qualifications and excellent training/development opportunities.
• Flexible maternity, adoption, and paternity packages.
• Pension with up to 7% employer contribution with included life assurance cover.
• Staff discount portal and Blue Light Card eligibility with 15,000 national retailers' discounts.
