Information Security & Governance Manager

Location: Leicester HQ

Reporting to: CTO

Bellrock Property & Facilities Management Ltd provides specialist, risk-focussed workplace management and property management services to a wide range of complex and sophisticated clients throughout the UK. Operating in the corporate, healthcare, education, retail & leisure and local authority & central government sectors, we create and implement bespoke solutions to improve the performance and value derived from non-core activity.

An opportunity has arisen for an Information Security & Governance Manager based in Leicester. This is a senior position reporting to the CTO. In this role you will engage with the wider business and key stakeholders to drive the continual improvement of information security practices across the organisation and ensure ongoing compliance with ISO 27001 and data protection regulations. The position presents a great opportunity for an individual with a technical background who has several years’ experience working in an information security role.

Key Responsibilities:

  • Act as subject matter expert to the business on all areas of information security and privacy.
  • Develop Information Security strategy in line with organisational objectives.
  • Ongoing management, maintenance, and continual improvement of the organisation's Information Security Management System and Data Protection Framework.
  • Develop and improve organisational policies and procedures.
  • Undertake ISO 27001 extension to scope audits as required to align new acquisitions to the central ISMS.
  • Work closely with the wider business to ensure security and privacy is embedded into working practices and processes.
  • Chair the Information Security Steering Group and oversee reporting for the monthly management review meetings.
  • Work with the Head of IT to identify, procure and install security-related applications and services in support of the organisational security strategy.
  • Raise awareness of information security and privacy across the organisation.
  • Own the Security Incident Management Process and ensure stakeholders know their responsibilities and the process is regularly tested through the use of tabletop exercises and playbooks.
  • Carry out information security and privacy risk assessments and internal audits.
  • Develop, monitor, and report on key IT security metrics.
  • Undertake third party due diligence and risk assessments.
  • Stay abreast of new and emerging threats and communicate them to the business accordingly.

Core Skills:

  • A solid understanding of The UK Data Protection Act, GDPR, ISO 27001 and the Cyber Essentials scheme.
  • Previous experience managing and maintaining Information Security Management Systems.
  • The ability to understand business context and technology landscape and apply appropriate security solutions in response to different risks and needs.
  • Strong stakeholder management and good communication skills.
  • Must be able to articulate security and privacy risk to non-technical users.
  • Relevant security-related qualifications such as CISSP, CISM, CRISC, CISA, Lead Auditor, QSA would be advantageous.

In return, Bellrock are offering a competitive salary. Working hours are Monday – Friday, based on 37.5 hours per week, with 25 days holiday per year + bank holidays.

In addition, Bellrock offers the successful candidate an employer-contributed pension scheme and a Company Retail Discount Scheme.

If you are interested in applying, please submit your CV and covering letter via the link or directly to recruitment@bellrockgroup.co.uk

STRICTLY NO AGENCIES PLEASE.
