Job Title: Risk & Governance Manager – Information Security
Contract Type: Permanent, Part Time, Full Time, Job Share option available
Salary Range: £46,400-£69,600
Location: Eastleigh - hybrid
Work Level: 4
Closing Date for applications: Thursday 8th May 2025
Hiring Manager: Georgios Dokimakis
Risk & Governance Manager: We have an exciting opportunity for a Risk & Governance Manager to join our Information Security team in our Eastleigh office, reporting directly to the Head of Information Security.
As the Risk & Governance Manager, you will manage the day-to-day activities of the Education, Capability and Governance (ECG) Team, implement security initiatives and governance processes that protect customer, employee and company information from security risks, and ensure that the information security risk to the business is managed to an acceptable level.
Main Responsibilities:
* Lead the development and adoption of information security policies and standards.
* Maintain and improve ISO27001 certification and lead initiatives to expand its scope.
* Oversee the security education and behavioural change program, including targeted training initiatives.
* Manage the information security management framework and support the risk framework.
* Develop and deliver information security reporting processes, governance reporting, and management information.
* Monitor and respond to changes in legislation and accreditation standards affecting information security.
Skills and experience:
* Solid technical understanding of security principles and technologies, including threat intelligence, security monitoring, and incident response.
* Oversee the maintenance of our ISO27001 certification, seek improvement and lead initiatives to expand our scope.
* Lead and manage the information security management framework and supporting risk framework.
* In-depth knowledge of security operations areas such as SIEM/SOC, Firewall Change, End Point Protection, and Forensic Investigation.
* Experience in business or information security management, with a background in ISO27001, CISM, CISSP, and knowledge of Data Protection/GDPR.
* Demonstrable ability to follow security operations procedures, policies, and activities, with at least three years of relevant experience.
* Strong communication skills to explain complex IT concepts to various levels of customers and staff.
* General understanding of data protection processes, policies, and tools, with the ability to learn and develop skills in all areas of Information Security.
To find out more about this role, or for further information, please contact Sarah Daines or Georgios Dokimakis.
Alternatively, click on the “Apply Button” to be considered.