The Information Security Business Manager will report to the CISO and maintain the development and delivery of the Information Security Strategy with the support of the business divisions and key third-party organisations. This is a critical role in a multinational business with 5 business areas; candidates must therefore have excellent communication and stakeholder management skills. You will also have a strong understanding of Cyber Essentials, PCI-DSS and ISO27001. The role will manage a team of approximately 6 people.
Key responsibilities will include:
- Support the development and maintenance of the Information Security strategy and accompanying framework(s)
- Provide support to develop and update Information Security directives, policies, standards and guidance in conjunction with the Divisions. Manage appropriate updates and approvals via the Information Security Forum
- Perform Divisional Information Security reviews where appropriate and ensure timely management and resolution of non-compliance issues defined both internally and externally
- Work with external consultants as appropriate for independent security audits
- Ensure that Information Security issues are addressed properly with all relevant 3rd parties
- Support and oversee Information Security incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary
- Follow all relevant legislation and liaise with the Divisions to ensure that security measures adequately protect staff, client and supplier information
- Preferably educated to degree level with professional Information Security qualifications (this should be CISM / CISSP or equivalent, or Membership of the Institute of Information Security Professionals)
- 5 years+ senior management experience, working as part of a multinational Information Security function
- Highly desirable to have experience of HMG regulated environments
- Experience of leading major security programmes underpinned by complex IT solutions in a variety of industries and cultures. Recognised as achieving high levels of performance and customer satisfaction
- Excellent up-to-date insight into the Information Security arena and able to demonstrate IT technical awareness
- Able to demonstrate a high degree of commercial awareness and to quickly identify and understand the systems, processes and risks relevant to the business and its goals
- Proven team leadership, man-management, coaching, mentoring & developing skills
- Extensive experience of relationship and stakeholder management at all levels including senior management across a diverse business environment