Information Security Manager (A2ZD12879)
at , London
Salary: Daily Rate: Up to £600 via Umbrella
Job Type: Contract
Job Title: Information Security Manager – cyber security
CV Submission Deadline: 4pm 27/03/19
Duration: ASAP to Sept 2019
Daily Rate: Up to £600 via Umbrella
Security Clearance: SC Clearance
IR35 IN/OUT Scope: In Scope
Key Tasks and Deliverables:
- Develop and maintain data security policies.
- Developing service descriptions, processes and procedures for all cyber security operational services, ensuring compliance to security policies.
- Promoting cyber security awareness and training across the organisation.
- Work with business areas to provide security expertise for business and IT project and change.
- Identify and report on all cyber security risk and issues, with remediation plans to senior management.
- Taking the lead on security incidents; carrying out robust investigations in order to identify corrective actions, seeing them through to completion.
- Manage 3rd party suppliers, to ensure that information systems are protected from cyber attacks.
- Handover to the permanent civil servant recruiter
- Significant professional Cyber/IT security experience in a government setting.
- Experience in security architecture, security operations, threat/vulnerability management, cloud security, application security, data privacy and protection.
- Experience of developing and implementing IT security strategies, objectives and plans.
- Familiar with information security frameworks, such as SANS Top 20 CIS, OWASP, ISO 27001:2013, Cyber Essentials, HMG Security Policy Framework or other similar frameworks.
- The ability to manage/prioritise a large and varied workload, take decisions under pressure on own initiative and meet challenging deadlines (setting and adjusting competing priorities in a rapidly changing environment).
- A commitment to continuing professional development by regularly self- assessing own training needs and taking steps to ensure any new objectives are identified and achieved.
- An excellent understanding of information security principles and practices, the threat landscape and generally accepted good information security practice and standard.