Information Security Assurance Manager
Initial 6 Month Contract
IQ Talent Solutions are delighted to be working with our Global Multi-Channel Retailer based in London, to assist with the recruitment of an Information Security Assurance Manager on an initial 6 month contract.
You will be responsible for working with Project and Operational teams to ensure that Information Security is implemented in projects and embedded in operations.
The role will require someone with a diverse background in the Information Security and IT Operations areas, along with aspects of Risk Management, Project Assurance and Operational assurance.
You will have strong knowledge of industry-recognised security frameworks and regulations such as ISO 27001, ISF SOGP, DPA/GDPR and PCI-DSS, as this is essential to aid in the communication of compliance and associated risks to key stakeholders.
Main Areas of Responsibility
- Support security and risk management reporting and risk related actions and follow up
- Review new and existing supplier and partner contracts and perform regular assurance activities to validate supplier security posture
- Performance of audit related activities internally and externally to the organisation, as well as preparation to receive external audits
- Lead the team of 5 Project Assurance Leads and own the portfolio of work for the same team
- Review design and architectural design documentation and data flow diagrams and provide security requirements and input
- Support IT and Business transformation projects by ensuring they are risk-assessed and controls and security requirements are met through the transformation lifecycle, including compliance requirements such as ISO 27001 and PCI-DSS
- Develop information security processes and procedures alongside business and IT stakeholders, and embed them
- Attend business governance meetings as required representing the Information Security team
Desired Skills and Experience
- 6+ years of Security Engineering/Architectural experience
- Excellent analytical skills and ability to solve complex problems;
- Excellent communication skills and the ability to clearly and concisely articulate information security risks to business and technical teams;
- Ability to influence security good practice behaviours within the organisation;
- Strong interpersonal skills and an approachable manner with all members of staff;
- Ability to communicate effectively at all levels within the organisation;
- Ability to manage third party security vendors and be involved in the procurement process;
- Experience in Security Governance and Security Assurance;
- Knowledge of ISF, ISO 27001, SOGP, PCI-DSS and GDPR; and
- Previous management experience in information security.
- Bachelor's or master's degree in computer science, information technology, information security or a related field;
- Previously worked within a large, multinational retail organisation;
- Previous experience in information security strategy; and
- Understanding of SharePoint libraries and publication to intranets.
- CISSP (ISSAP, ISSEP)
- ISO 27001:2013 Lead/Implementation Auditor.