Information Security Manager (identify & protect)

Location:Hampshire

Information Security Manager

Salary: Personal Contract

Location: Walton Park

Reference: req710

Overall purpose of the job:

To provide a conduit between the SGN security team and SGN’s managed security service provider for the below domains. The role is required to provide assurance levels to the maturity and continued optimisation of the service against KPI’s and SLA’s and changing threats and risks to SGN.

The job holder will have specialise in Governance Risk and Compliance, focussing on the Identify and Protect element of the NIST framework.This Specialist will lead and support regulatory compliance and support the CISO in executing the security strategy.

The job holder will act as the primary Security liaison person, working with the Regulators, translating relevant directives, giving guidance, and translating rules into actionable data for consumption by the CISO and Information Security and be accountable for internal and external audit deliverables.

Key deliverable:

Identify:Asset Management, Business Operations, Governance, Risk Assessment, Risk Management Strategy.

Protect: Access Control, Awareness & Training, Data Security, Info Protection Policies, Processes and Procedures, Maintenance, Protective Technology.

Skills required:

  • Knowledge of industry standards such as NIST, ISO 27001, PCI-DSS, Octave Allegro and other risk management frameworks

  • Ideally have relevant degree or industry recognised certifications e.g. CISSP, CISM, CISA

  • Managing the organisations relationship with outside regulatory bodies regarding cyber and information security in areas under your remit

  • Take ownership of security and awareness programme and ensuring desired outcomes are met

  • Have proven experience managing company-wide strategic projects

  • Strong technical understanding and experience of systems and databases security, Identity and Access Management (IDAM), Encryption, Penetration Testing, Firewalls, BCP and DR, SIEM, DLP, Cloud (AWS) Security. Information Security Strategy, Application and Infrastructure Security.

  • Development of Security Policy, Standards, Procedures and Guidelines, and Security Risk

  • Assessments. Vendor management/MSPs

  • Ability to adapt to a fast-moving client landscape where there are constant challenges in providing the agility required of the creative process, whilst maintaining a mature attitude to Information Security

  • Analytical mind, capable of managing numerous information sources whilst providing data analysis reports to senior executives

  • Strong customer focus, able to respond quickly and effectively to internal and external client demands

  • Excellent communication skills, both verbally and written

  • Flexible and adaptable

  • Have a strong work ethic and the ability to meet deadlines and objectives

  • Minimum of 10 years’ experience in the field of Information Security

  • Demonstrable exposure to Change Management and business process experience Qualifications

    Appropriate, proven track record and wide ranging and diverse experience

    What will I get in return?

    • Competitive starting salary and other benefits, including company pension scheme.

    • Plenty of potential for further development and progression within the Company.

    • Employment with a highly regarded, award winning company with a commitment to developing an equal, diverse and inclusive culture.

    WHO WE ARE

    At SGN, we strive to sustain our world through managing the network that distributes natural and green gas across the south of England and Scotland. We have an important responsibility to keep the gas flowing to 5.9 million homes and businesses. Your work directly impacts SGNs commitments to keeping our customers’ homes and businesses safe.

    We’re on a journey to transform the future of gas and we think outside the box – futuristic technologies and robotics are leading our innovation. Keeping our customers safe and warm is what we do but beyond that, we want to make the world a better place, which is why we’re passionate about helping in our communities, reducing our carbon footprint and driving innovation in our industry.

    We’re quick to deliver and we may not always wait until the job advert expires before reviewing applications. We recommend you submit your application as soon as possible so we can continue the conversation…