Description
Urgent requirement for a household brand for an Information Security Compliance Manager to be based in Middlesex, although occasional travel to London and potentially the North is required. You must be available to start before the end of October as this is an urgent requirement.
The Compliance Manager works in the Information Security Team within a Global function and reports to the Head of Information Security.
The purpose of the role is to own and manage compliance activity across the wider Services team, covering risk management; ISMS ownership; compliance with applicable company policy and standards; applicable contractual, statutory and regulatory frameworks from an IT operational perspective; internal and external audit coordination and support; managing security requirements and activities of 3rd party suppliers; pen testing and technical compliance checks.
The role requires interactions with a wide range of senior staff, and so an ability to influence, inspire and manage stakeholders across the organisation is essential.
Knowledge and Experience required:
- Knowledge of ISO 27001:2013; experience of managing an ISMS
- Knowledge of risk management frameworks; experience of operational risk management processes
- Knowledge of audit processes and techniques; experience of working with internal and external auditors
- Knowledge of PCI-DSS; experience of PCI compliance processes
- Knowledge of technical security testing processes; experience of tracking tasks and activities to completion
- Experience of managing suppliers
Accountabilities
- Owns ISO27001 certified Information Security Management System
- Coordinates Information Risk Forum within the business
- Liaison with wider company Risk and Compliance teams
- Conducts audits and compliance checks, against company policy and technical standards
- Liaison with and support for company Internal Audit
- Owns PCI compliance within the business
- Owns security management of 3rd party suppliers and partners
- Coordinates security testing provided by specialist 3rd parties
Please apply ASAP for consideration. CVs will be reviewed ASAP, and a start before the end of October is a must.