Information Security and Compliance Manager

Marcus Donald are pleased to present this opportunity for an Information Security and Compliance Manager role for a large Business Consulting Company. Head office is located in London. You will act with the delegated authority of the Senior Information Risk Owner (SIRO), produce the reports, and undertake the actions necessary to ensure company security policies are followed. You will lead security efforts, managing operations and maturing security standards and certifications, as well as personnel security and data protection compliance.
**Hybrid working available, 2/Week in London**
**Competitive salary range of £80,000-£90,000**
This role comes with a range of flattering benefits including;

• Private medical insurance
• 10-15% annual bonus
• Pension plan
• Comprehensive & tailored learning & development programmes + more...

Information Security and Compliance Manager – Responsibilities;

• Maintaining, developing and extending existing ISO certifications including ISO9001, ISO14001 and ISO27001 including preparing for re-audits as well as working with external audit bodies to plan, prepare and host external audits
• Defining the role and scope of internal audit plans whilst developing appropriate testing strategies for all quality and compliance audits
• Maintenance and compliance of security policy including document handling and control
• Monitoring compliance with the GDPR and other data protection laws, and with company data protection polices, including managing internal data protection activities
• Coordination of incident management and reporting; ensuring that breaches are identified, reported, assessed, and remediated
• Chairing the Security Board; reporting status of ISMS improvement plans, risks and previous actions
• Accountable for all compliance and coordination with clients and law enforcement organisations and be responsible for GDPR compliance and will be the designated Data Protection Officer.

Information Security and Compliance Manager – Requirements;

• Lateral or direct experience of incident management & disaster recovery and business continuity
• Developed a good knowledge of internal systems, governance and infrastructure to allow accurate completion of client security questionnaires
• The ability to influence senior management at forums such as Company Security Boards
• Have a working knowledge of information security standards such as ISO27001, General Data Protection Regulation (EU) and Data Protection Act 2018 (UK)
• Capable of writing new policies and procedures

If you, or someone you know, are suitable for this role, please don’t hesitate to contact Phoebe pburton@marcusdonald.com or apply via this job ad.
So excited for your responses !!