Information Security Standards and Compliance Team Lead
|Job Type|Permanent Full Time|
|Area|Coventry, United Kingdom|
In a nutshell
Leading and managing the Standards and Compliance Team on the creation, review and delivery of Information Security Standards and Compliance. The team has two main functions: first, creating documentation, reviewing existing and new technologies and educating colleagues on the best security practices for the company; second, identifying and assuring the variety of Business Partners who hold company data, along with internal audits for compliance in line with ISO 27001, PCI DSS and the General Data Protection Regulation (GDPR). The role includes ensuring adherence to Policy, Standards, Legislation and Regulation and the performance of other administrative duties relating to Information Security Management.
Lead and manage your team of Information Security Analysts, including direct line management, technical management, training, professional development and discipline.
Create, Review, Investigate and Educate on technologies new to and used by the company and define Security Standards for governing their employment.
Investigate, Audit and Educate company Internal Business teams and Business Partners for Compliance against ISO 27001 and PCI DSS.
Support the development of company Policy on Information Security.
Identify and manage the risk relating to Business Partners that share company information and interact with company technologies.
Support the company’s Data Governance in protecting company information.
Deliver high quality Reports, Presentations, Processes, Procedures and Risk Assessments to all levels within the company and its associated Business Partners.
Lead and contribute to Continual Process Improvement.
Provide sound analysis-based decision making using Information Security best practice as your
Multi-task and lead or support a number of different tasks simultaneously.
Deliver high quality work to meet company expectations and business needs.
Have a keen interest in security and thrive on complex challenges.
Be self-motivated and motivate others keeping morale and performance high.
Maintain Professional Development.
Support other Information Security related tasks as required.
Have involvement with all Information Security functions including Projects, SOC and Security Testing to ensure Policies, Standards and Awareness initiatives support their processes.
How I will succeed
Effectively lead and manage your team.
Delivery of a professional Information Security service to Colleagues and Customers.
Accurate management of Assessments and Audits.
Successful completion of allocated tasks.
Compliance with company Information Security Standards.
Recognition as an Information Security professional.
Continuous Personal Development.
Keeping up to date with latest industry knowledge and trends.
Excellent feedback from customers.
Talkback 360 degree feedback from colleagues.
What I need to know
Degree (Preferred) or relevant industry experience – Essential.
Professional Security qualification (Current CISSP or CISM preferred).
ISO 27001 Lead Auditor or Lead Implementer qualification.
Knowledge of Data Protection Act and PCI DSS.
Knowledge of General Data Protection Regulation (GDPR).
Knowledge of the principles of Information Security in a commercial environment.
Understanding of network architecture, protocols and principles.
Understanding of Security Risk Analysis techniques.
What I need to show
• Leadership and Team Management skills.
• Soft skills.
• Development of Standards and Policies.
• Auditing of Infrastructure, Applications and Processes to ensure they are secure.
• Works collaboratively with a range of people to support the wider business agenda.
• Process Improvement and Design.
• Information Security related knowledge and experience.
• Methodical and logical thinking.
• Oral and written communication skills.
Resources available to me
Software licences, hardware, documentation and management tools of relevance to the role.
3rd Party service providers (as appropriate).
A dedicated team to deliver tasks and responsibilities.
Cloud Security Tool.
Network and Infrastructure Support.
The Information Security team.
Proactive Management team.
What decisions I can make
Team management and leadership.
Collaboration on team recruitment.
Significant freedom to contribute to the design and operation of within-team processes.