Home based role Help strengthen our Team as our Senior Information Security Manager. Home based role.
Great opportunity to join our team as our Senior Information Security Manager to work with numerous clients across the public and private sectors, on different types of engagements offering a fantastic exposure to a wide variety of InfoSec projects.
You will enjoy freedom and autonomy to make your own choices on the best way to successfully complete projects, in a role where you will be coming up with solutions to interesting problems, rather than simply maintaining existing systems & structures.
Your responsibilities will be across technical and GRC areas of cyber security, providing assurance, management, and control of cyber security on behalf of our clients as well as identifying requirements and vulnerabilities, testing cyber security controls, and protecting other cyber systems.
As a global IT and business service provider, across multiple sectors, Capita has a wide array of Information Security requirements, technologies and teams. Working within the Cyber Consulting division you will gain a fantastic exposure to various InfoSec topics, helping you to progress your career alongside a strong training & development programme.
What You'll Be Doing:
-Identifying and reporting systemic weaknesses in control effectiveness
-Specifying requirements for cyber Health Checks to ensure identification of vulnerabilities and testing of cyber security controls, and to protect other cyber systems. Managing the resulting remediating controls for the business
-Reporting and where applicable investigating security incidents or breaches of security policy in accordance with local procedures and guidance.
-Chairing cyber security working groups, and representing cyber security on Change Advisory Board
-Managing compliance in areas of responsibility with organisational commitments to Codes of Connection with partners
-Contributing to development of cyber security policy
-Maintaining the information security risk register ensuring that all known risks are appropriately assessed, and risk treatment plans are in place for all risks assessed to be above the organisations risk tolerance level.
-Promoting a culture of information security awareness within the organisation.
-Planning and conducting a programme of internal and second-party audits to measure compliance with security policy and associated standards.
-At times, managing a team of Security Analysts on assigned client engagement.
What we're looking for:
-Proven experience as an Information Security Manager or similar role
-Experience of Information security risk management and governance
-Broad technical background in ICT
-Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP).
-Certified ISO/ IEC 27001 Lead Implementer and/ or Lead Auditor
-Strong knowledge and experience with the ISO/ IEC 27001:2022 and other Cyber Security standards
-Good technical understanding and with the ability to explain technical problems to non-technical business stakeholders at all levels.
-Aptitude to remain up to date with information security standards and Technology.
-Good understanding of information/ cyber security issues across various sectors
-Assertive personality with strong organisational and interpersonal skills.
-Good technical, analytical, and communication skills (both written and verbal).
-Strong Stakeholder management
-Eligibility for SC Clearance
Desired Certifications but not essential:
-ISO 22301 Lead Implementer and/ or Lead Auditor certified
-PCI-DSS Internal Security Assessor (PCI ISA) certified
-CESG Certified Professional (CCP) ITSO certified
-ISACA Certified Information Systems Auditor (CISA) certified
-Pension background/ industry experience
About Capita Technology and Software Solutions (TSS) and CISO
Capita Technology and Software Solutions (TSS) is a global shared service, responsible for delivering innovation and digital transformation for Capita's businesses and clients. We work collaboratively with Capita's divisions to shape the right digital technology solutions to help clients work differently, engage differently, sell differently and to be resilient to whatever next comes their way.
Within Policy, Governance and CISO our key capabilities are to define, implement a