Information Security Manager

Overview
PM Group are looking for an experienced Information Security professional to join our team and be responsible for defining and embedding best practice information security policies, standards and processes based on ISO 27001.
This role will maintain our ISO 27001 certification, provide security architecture advice and guidance to technical teams, manage and deliver new information security programmes.
Responsibilities
Governance, Risk & Compliance
Lead on compliance reviews, certifications and accreditations (e.g. ISO27001, GDPR, third party supplier & client etc.).
Complete security threat and risk assessments, monitor the risk treatment plan and perform security assessments/reviews on complex information systems.
Implement relevant Governance, Risk and Compliance (GRC) controls and measures to protect systems and data.
Verify current digital solutions and processes are in line with current policies and in line with modern secure technologies.
Enhance existing and create new information security policies, standards and guidelines.
Contribute to the development of the digital strategies to address our information security risks.
Work with business, internal IT and 3rd party vendor teams to promote and adopt security best practices.
Provide information security support to current and future IT projects.
Manage Information Security Audits within the scope of the ISMS and from our own Internal Audit team, clients and third parties.
Information Security Management
Project manage and deliver core information security projects to support the transformation programmes and manage the information security 'business as usual' activities.
Security Awareness
Manage the development of Information Security Awareness programmes and in house security awareness training and security communications.
Technical
Carry out security architecture reviews to ensure defence in depth, security by design is implemented and where required to support privacy by design.
Knowledge of Zero trust technologies and architectures.
Working knowledge of the latest security designs for Microsoft environments including Azure, M365, Power Platform and Copilot services.
Working knowledge of the software development lifecycle within the enterprise organisation.
An understanding of how to securely integrate data flows between different systems.
Develop and create security hardening standards to secure our systems.
Qualifications
Required
Good Knowledge of managing an ISO 27001 Information Security Management System.
Minimum 5 years' experience working in information security.
Understand GDPR and Data Privacy Impact Assessment.
Monitoring and reporting on compliance with security and data protection policies, as well as the enforcement of policies.
Good understanding of Microsoft M365, Power Platform, CoPilot and Azure security.
Understand secure design architecture and principles.
Ability to triage security incidents.
Ability to carry out technical security audits.
Ability to carry out security architecture reviews.
Preferred
ISO 27001 lead auditor or Lead Implementer.
Degree or equivalent in Information Security, Computer Science, Engineering or similar.
Holds a recognised security certification such as CISSP, CISP or CISA.
Personal Specification
Demonstrate pro-active, personal responsibility and demonstrate ability to operate with autonomy.
Strong work ethic.
Good communications skills, both verbal and written, and the ability to work within a multi-discipline team environment.
Ability to produce accurate, high-quality work to strict project deadlines.
Flexibility and willingness for limited travel.
Strong organizational and project management skills.
Ability to plan and manage projects.
Interest in learning new and developing technologies.
Why PM Group?
As an employee-owned company, we are inclusive, committed and driven.
Corporate Responsibility and Sustainability are the heart of our new 2025 business strategy.
Inclusion and Diversity are core to our culture and values.
Wherever we work, we commit to a culture of mutual respect and belonging by building a truly inclusive workplace rich in diverse people, talents and ideas.
Valuing the contributions of all our people and respecting individual differences will sustain our growth into the future.
PM Group is committed to ensuring our hiring process is fair and accessible to all and will provide candidates with disabilities with reasonable accommodations required to participate in the recruitment process.
If you require any assistance in this regard, please let us know.
#LI-OT1
#J-18808-Ljbffr