Manager Information Security SRMG job in London at Lion ReSources UK Limited

Manager Information Security (SRMG)

Company: Lion Re:Sources UK Limited

Location: London UK

Date Posted:May 16, 2018

  POSITION PROFILE/DESCRIPTION  DATE:3/1/18TITLE:Manager Information Security (SRMG)DEPARTMENT:Global Security OfficeREPORTS TO:Senior Director/Director/Senior ManagerDIRECT REPORTS:Could have up to 1 information security staff or consultant as direct reportFLSA CLASSIFICATION:ExemptSALARY:                               Competitive   SUMMARYThe Manager Information Security (SRMG) will ensure that security and compliance concerns within both internal and external initiatives are properly addressed.  The MangerInformation Security (SRMG) will regularly and upon demand meet with internal and external project sponsors and stakeholders, to perform security risk assessments to address security risks for multiple projects and support teams globally.  The ManagerInformation Security (SRMG) will document findings, suggest mitigation controls, track security deficiencies, and manage the implementation of suggested mitigations to ensure risks are successfully mitigated.   KEY DELIVERABLESThe Key Deliverables for this position include, but are not limited to the following:                  Perform Security risk assessments of Projects and Suppliers using security risk assessment methodology.                  Perform Security risk assessments of client projects and 3rd party suppliers using security risk assessment methodology.                  Suggest administrative, technical and physical security controls to protect sensitive information on project and 3rd party supplier environments.                  Monitor and report compliance to agreed security processes for multiple global client projects.                  Educate and advise technology and business executives as needed on operational and technology security risks as well as appropriate mitigation strategies and approaches related to security risk management.                  Perform Security risk assessment and Security architecture review of cloud solutions.                  Perform gap analysis with respect to contractual and other industry compliance requirements including but not limited to as GDPR, ISO27001, HITRUST, PCI DSS, HIPPA etc.                  Develop and manage administrative, technical, and physical security, including disaster recovery, cyber security, and facility access to minimize organizational risk.                   Develop and deliver security standards, best practices, architecture, and systems to ensure information system security across the enterprise.                   Implement procedures and methods for auditing and addressing non-compliance to information security standards.                   Assist in the review of client security requirements outlined in client proposals, client audits, and facility visits.                  Migrate non-compliant environments to compliant environments.                   Evaluate the organization to ensure compliance with standards and industry best practices.                  Deliver project and department goals timely and adhere to approved budgets.                  Prepare “Statement of Work” related to Security Services.                  Perform peer review of fellow colleagues’ risk assessment report. GENERAL DUTIESThe General Duties for this position include, but are not limited to the following:                  Accountable for multiple client projects and suppliersrelated to security risk management.                  Ensure effective stakeholder engagement both locally and globally.                  Cultivates relationships across internal teams and works towards building professional networks.                  Builds a positive, transparent, collaborative working environment for the team.                  Gets actively involved in issues and conflict resolutions and addressing client security requirements.                  Conducts meetings with stakeholders and facilitates discussion.                  Work with fellow security staff to help coordinate responses to security incidents.                  Time management to ensure project or non-project related deliverables are completed in a timely fashion.                   This position must liaise with positions of various levels across Publicis Groupe business units.   COMPETENCIESThe Competencies for this position include, but are not limited to the following:                  ISO 27001 Lead Auditor Certification                   ISO 31000 – Risk Management Principle Certification                  ISO 22301 Lead Auditor Certification                  Must be familiar with SSAE compliance, SOC 1, SOC 2 reports                  Must be familiar with security risk assessment methodology (ISO 27005 a plus) and have experience in performing the same.                  Must have rudimentary understanding of compliance requirements such as EU Data Protection Directive, MA 201 CMR 17, PCI DSS requirements (CPISI), HIPAA, and information security best practices. EXPERIENCE AND EDUCATIONQualifications for this position include, but are not limited to the following:                  Bachelors or Master’s degree in IT, science, math, engineering, computers, security or related field.                  8-10 years of experience in Security gap assessment, Contractual reviews, Risk Management, ISMS, ISO 27001 implementation                  Working knowledge of any off the shelf GRC product will be an advantage                  Excellent verbal and written communication skills a must                  Solid understanding of IT security technologies                  Solid mix of business and technical capabilities, and the ability to communicate complex technical security risk management issues to senior executives within the context of their business.                   Ability to identify security risk management opportunities with clients and propose solutions that meet the clients’ needs.                   A ‘can do’ attitude team player who works well under pressure and with dispersed groups, worldwide.                  Technical certifications such as CISSP, CISM and CISA are a plus.                  Strong oral communications and writing skills are necessary.                   Must be a self-starter with strong organizational skills to enable navigation of the company to identify sponsors, stakeholders and interested parties.                    Ability to demonstrate poise and confidence while leading security assessments independently to external stakeholders is important.                  Time management to ensure completion of deliverables in a timely fashion.  PHYSICAL REQUIREMENTS The Physical Requirements for this position include, but are not limited to the following:Use of computer, speaking on telephone, writing, occasional lifting of files or light boxes WORK CONDITIONSThe Work Conditions for this position include, but are not limited to the following:                  Some business travel, primarily in the geography the role is based out of                  May be required to work late hours sometime for coordination with other geographies. Not required regularly, only on a need basis. This job description in no way states or implies that these are the only duties to be performed by the employee(s) currently in this position. Employee(s) will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments.A review of this position has excluded the marginal functions of the position that are incidental to the performance of fundamental job duties. All duties and responsibilities are essential job functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbent(s) will possess the skills, aptitudes, and abilities to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities.This document does not create an employment contract, implied or otherwise, other than an "at-will" relationship. Re:Sources is an Equal Opportunity Employer POSITION PROFILE:MANAGERINFORMATION SECURITY (SRMG)              Page 1 of 1 View full job description
JobCentre Plus 2 months ago
Need more jobs?

Submit your CV so employees can contact you directly for more!

Manager Information Security SRMG jobs in London

Job location:

London Map of Manager Information Security SRMG job in London at Lion ReSources UK Limited

JobHits is one of the fastest growing job search engines in the UK. Everyday 30,000+ new jobs, find your ideal job from vacancies at major job boards and companies� careers websites in the UK.

© 2013 - JobHits Pty Ltd