Info Sec Manager – 6 months contract - Nationwide
We are seeking an Information Security Manager, on a 6-months contract based in the UK.
The individual we are seeking would have a compliance background and information security background that could help fulfill requirements in this area! You will be responsible for ensuring info security operational processes are completed!
This would be a great opportunity if you are eager to get your foot into one of the BIG 4 CONSULTANCY!
• Onboarding new client projects from an information security perspective
• Develop a plan for onboarding, delivering on activities related to the plan, and communicating updates accordingly.
• Review and input to client project information security contractual clauses.
• Owning the completion and approval of any Information Protection Plans (IPPs)
• Manage information security risks related to the client projects within the Learning Services offering (including any 3rd party suppliers). Support capturing of privacy, information security, and data governance risks. Communicate risk position to the required stakeholders.
• Manage security incidents and coordinate data incident actions with relevant internal and external stakeholders and ensure all required actions are completed in accordance with the central security incident management framework.
• Respond to internal queries regarding information security and data privacy.
• Develop, deliver and continually improve client project tailored information security training and awareness - eg newsletters, presentations, new joiner pack
• Phishing Testing - planning and coordinating email and voice phishing testing with relevant follow-up activities.
• Develop, implement, review and improve client project-specific user access management processes (such as joiners, movers, and leavers)
• Conduct and manage periodic user access reviews (UARs) and user entitlement reviews (UER)
• Ensure technical or organizational changes go through the relevant design or assurance forums for approval and completion of impact assessments.
• Support management of security testing eg vendor management, resource management, logistics, reporting internally and to the Client, etc.)
• Driving the remediation of security test findings with the Technology support teams
• Ongoing ownership and management of required information security documentation (eg IPPs).
• Share experiences with others to assist their learning and understanding, providing coaching and mentoring to junior staff members.
• Actively engage with others in order to address their views/concerns.
• Data Privacy
• Maintain a register of personal data processing activities (Article 30) for Learning Services client projects.
• Support Data Subject Request (DSR), manage and coordinate all data subject requests from receipt to conclusion (as per procedure).