Information Security Compliance Manager

Join Us: Information Security Compliance Manager!

?
Are you ready to take on a pivotal role in the realm of Information Security, contributing to the safeguarding of critical services within the Public Sector? As someone who is passionate about making a difference and thrives in ensuring compliance with the highest standards, we want you on our team!
As our Information Security Compliance Manager, you will play a key role in implementing and executing the strategy, policies, and working practices defined within our Management System. Joining our dynamic Security team, you will provide expert support to meet internal and external ISO/IEC 27001 requirements, manage Security frameworks, and oversee the Cyber Essentials/Cyber Essentials Plus program.

What you will be doing:

• Taking ownership and responsibility for policies and controls to ensure compliance with regulatory, audit, and security best practices.
• Responsible for production and maintenance of detailed security documentation and the Information Security Management System (ISMS)
• Take ownership of ISO/IEC 27001 actions resulting from external audit and compliance activity - facilitate interaction between the relevant teams from issue identification through to evidence collection and issue close out.
• Evaluate operational procedures and evidence artefacts to confirm accuracy and appropriateness against contractual requirements, frameworks and standards. Ensure appropriate implementation of security controls in the organisation.
• Partner with SMEs and collaborators such as Internal Audit, Risk and Assurance, Information Assurance, IT, Ops Control, Facilities, SSCL HR, Architecture to identify, remediate, and track Information Security issues.
• Responsible for maintaining the control descriptions for all ISO 27001 controls (Statement of Applicability).
• Ensure compliance to ISO/IEC 27001 and to Cyber Essentials/Cyber Essentials Plus, handle annual recertification process and work as required with IT for evidence preparation.

What you will bring:

• ISO/IEC 27001 Lead Implementer/Auditor
• Security Certification such as CISSP, CISM, CCP or CRISC
• Previous experience of Cyber Essentials/Cyber Essentials Plus certification process
• Knowledge of risk assessment methodologies and assessments, penetration testing, vulnerability management, threat management, BCM/DR, patch and virus compliance, cryptography and physical security

It would be great if you had:

• Previous Experience supporting large-scale transition projects

If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply, we’d love to hear from you!

Employment Type: Full-time
Location: Flexible. Mostly remote with occasional requirement to be on-site
Security Clearance Level: SC & NPPV2
Salary: £51,000 - £71,000, depending on experience
Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund

Although this role is advertised as full-time, we believe that flexibility at work can promote work/life balance, increase your motivation, reduce stress and improves performance and productivity. We support different ways of working and can offer a range of flexible working arrangements. So, if you’re interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible.

Loved reading about this job and want to know more about us?

?
SSCL is the market leader in critical business support services for the UK public sector. Operating at size and scale since 2013, SSCL has delivered over £750 million of savings - providing more funds for front line public services. We transform services using digital solutions and innovative technology, developing platforms that enable flexibility to meet the changing needs of our Government, Defence and Police clients.

We employ around 3,000 people who sit at the heart of our business strategy. Their passion and connection to our values and our purpose is what sets us apart and puts SSCL in the Top 20 of GPTW large workplaces. 'Living SSCL’ means we deliver social value within our services and work with our clients and community partners to support programmes such as education and employability initiatives across the UK.

We embrace difference as a source of creativity, innovation and competitive advantage and are striving to become a more diverse organisation. We welcome applications from people with a diverse variety of backgrounds and identities. We are committed to equality of opportunity for all and do not discriminate on the basis of race, religion, colour, gender, age, disability, sexual orientation or marital status. We have partnered with Vercida, the UK's largest diversity and inclusion focused careers site, where all our vacancies are available in an accessible format.

If you require any adjustments to the recruitment process, to enable you to perform to the best of your ability, please let us know when completing your application. We participate in the Disability Confident scheme and are committed to offering an interview to any candidate with a disability, who meets the minimum criteria for the role. If you believe this could apply to you, please let us know when completing your application.