InfoSec Manager – Glasgow Hybrid – 80K plus 30% Bonus

Lorien’s longstanding client, an organisation with a great reputation in their domain with a healthy appreciation for how technology enables their staff and operations, is looking to hire a security-savvy professional with a passion for protecting sensitive data. Right now they’re seeking an exceptional InfoSec/Information Security Manager to take the reins and lead their information security programme; safeguarding their clients, organisation data, and core systems.

They’re a great firm we’ve seen treat those we have already introduced into their teams very well, and offer a range of incentives (including a 30% bonus, flexible hybrid working arrangements, and a comprehensive host of other benefits including private healthcare, professional development and ongoing upskilling avenues, friendly people to work with and more), so take a look and apply if this looks like a great next step for your career:

Key Responsibilities:

• Develop, execute, and maintain the overarching information security strategy/policies/relevant frameworks in adherence to ISO standards and other key regulations
• Oversee the firm's ISO 27001 accreditation and oversee regular risk assessments; taking ownership of the register and plans
• Draft and implement InfoSec metrics/key performance indicators/reporting (up to board level) to demonstrate security/control/initiative effectiveness
• Audit and improve the firm's security operations across the spectrum, including incident response and escalation/best coding and config practice/and so on
• Implement technical/strategic measures to protect key data/confidential information such as encryption/preventing data loss/DR planning/scenario testing.
• Embed and oversee 3rd party & supply chain risk management processes/procedures as well as audits and external party assessments
• Draft up and execute initiatives such as security awareness initiatives

What they're looking for:

• Strong track record in the Information Security domain within regulated work settings
• Strong knowledge of relevant information security laws/regulations/standards such as ISO 27001, GDPR, Data Protection Act, etc.
• Ideally a relevant degree and any professional certification/s (CISSP/CISM/Lead Implementer/Auditor or equivalent)
• Demonstrable background operating/maturing Information Security Management Systems in line with ISO standards, and leading external audits, certifications, and risk management/security awareness initiatives
• Ability to work with representatives at any level as well as external clients/auditors/partners

If you're an experienced security professional who thrives on protecting sensitive data and enabling a secure, modern firm, we encourage you to apply for this exciting Information Security Manager opportunity. Don't miss out on this chance to make a significant impact within a dynamic and reputable organisation, and apply with your latest CV for immediate consideration.