We are looking for an ambitious Information Security Manager to join our team to support our clients in delivering information assurance and security.
Extensive experience consulting with clients and internal stakeholders is essential, and this position would suit someone who enjoys working within a fast-paced and varied environment.
The role will have ownership of ensuring that all information assurance and security requirements comply with industry good practice and relevant legislation. Ideally, you will have hands-on experience of implementing and managing ISO27001:2013 and Cyber Essentials up to and including certification.
You will have expansive experience of risk management frameworks and methodologies such as ISO27005:2011, ISO31000:2018, NIST, COBIT 5, HMG IS1 & IS2, IRAM 2 or similar.
You will have a comprehensive understanding of security threats, security and cloud technologies (including private cloud, Microsoft Azure, Microsoft 365 and Amazon Web Services), legislative and regulatory standards, industry frameworks and best practices.
Experience within the public sector including central and local government, healthcare, and blue light services would be advantageous.
How will you spend your days?
- The Information Security Manager will be responsible for assessing, approving and advising on all information assurance and security matters
- Creating, developing and maintaining security guidelines, ensuring that compliance plans are maintained, promoting continual improvement
- Liaise with relevant external bodies, which may include certification bodies, the Information Commissioner and other legal entities, to achieve or maintain security certifications
- Be the point of contact for the client (whether internal or external) in all matters relating to information assurance and security
- Manage and mentor the local Information Assurance team
- Work with project and programme teams to identify solutions to security challenges that they might introduce, to ensure that assurance, security and compliance are maintained
- Providing information assurance and security input to help support the sales and bid process
- Implementing and maintaining information security management processes to ISO 27001:2013 standards, as well as certifications and approvals
- Conduct internal audits in support of Information Security Management Systems
- Support the client's internal and external audits
- Managing security and risk assessments
- Assisting Agilisys and the client to investigate any IT security incidents/events
- Assist the client in the management of codes of connection
How to stand out?
- Customer focused and influential, with a high desire to drive results
- Ideally CISM or CISSP qualified
- Experience with PSN requirements and PSN IT Health Checks
- First-hand knowledge of information security management within the public sector including central and local government, a Government department, healthcare, blue light services or a large organisation
- Experience of writing and introducing effective information security and compliance policies/guidelines
- Proven track record in information risk management including security risk assessments and treatment
- Proven experience of ISO 27001:2013 certification
- Experience of NCSC Cloud Security Principles and security guidance
- Experience in data protection compliance
- Current knowledge of technical security controls in a modern IT environment including private cloud, Microsoft Azure, Microsoft 365 and Amazon Web Services
- Proven track record of performing incident management for security incidents and events including lessons learned
- Business Transformation and Change management experience
- Providing support for sales and bid workstreams
What's in it for you?
Agilisys is an employee-owned organisation that delivers success through innovation, working with public sector partners to help them transform services that make a real difference to millions of people across the UK.
At Agilisys, we are passionate about people who are passionate about technology and digital disruption. We pride ourselves on our integrity towards our colleagues and our clients and strive to be the transformation and operating partner of choice to the public sector.
We are collaborative in the way we work, and our agile and dynamic environment offers a number of opportunities for exposure to new technologies and ways of working. As an employee-owned business, our people are our main asset, and everyone has a real say in the direction that the business is heading.
As a valued employee owner, you will be entitled to receive the below corporate benefits:
- Pension Scheme
- Health Insurance
- 25 days annual leave
- Being an Employee Owner as part of the EBT
- Life Assurance
- Flexible working
- Access to exclusive discounts and offers with a variety of retail providers through the Agilisys “Perks at Work” scheme
Agilisys operates as an equal opportunities employer and we welcome all applications regardless of gender, marital status, sexual orientation, pregnancy, race, colour, ethnic origin, nationality, religion or beliefs, disability, age, political opinions or trade union membership.