Title
Information Security Manager (ISM)
Location
Remote, with a requirement to work from our modern Haywards Heath office approximately once per month
Contract
Permanent
Salary
£45,405 to £53,418 depending on experience, with scope for discussion at interview
About the role
In this role, you will lead Sightsavers information security function, ensuring our systems, services and data are protected from evolving cyber threats. You will drive the development and delivery of our information security strategy, working closely with teams across the organisation to strengthen controls and embed secure ways of working. This will include overseeing key areas such as vulnerability management, patching and compliance activities, as well as identifying and assessing risks and supporting colleagues to put effective, practical safeguards in place. Acting as the organisation’s subject matter expert, you will play a central role in managing audits, supporting incident response and ensuring we meet key security standards, while continuously improving our overall security approach.
Responsibilities
* Lead the development and delivery of Sightsavers information security strategy, ensuring it aligns with organisational priorities
* Oversee key security controls, including patching, vulnerability management and change control processes
* Identify and assess information security risks across the organisation, supporting teams to implement practical solutions
* Provide expert advice and guidance on information security controls to protect systems, services and data
* Act as the organisation’s subject matter expert for audits, reviews and security assurance activities
* Maintain compliance with key standards and certifications, including Cyber Essentials and PCI-DSS
* Lead or support the investigation of security incidents, ensuring lessons learned are captured and acted upon
* Provide guidance on information governance, including data access, classification and retention practices
* Monitor emerging cyber threats, trends and regulatory requirements, recommending improvements where needed
* Promote awareness of information security across the organisation, encouraging good practice and secure behaviours
* Build strong relationships with internal teams, suppliers and external partners to embed security into day-to-day operations
* Support continuous improvement of security processes, ensuring controls remain effective and fit for purpose
This is a highly varied and involved role and the above is not an exhaustive list of duties or required professional skills. Please see the Job Description for full details.
Jobholder Requirements
* Strong experience working in information security, cyber risk or security governance within a complex organisation
* A recognised professional certification such as CISSP, CISM or ISO 27001 (or equivalent experience)
* Solid understanding of security standards and compliance frameworks, including PCI-DSS
* Experience applying security principles in a practical, real-world environment
* Confident working with both technical and non-technical stakeholders
* Strong communication skills, with the ability to translate complex information into clear, practical guidance
* Highly organised, with strong attention to detail and the ability to manage competing priorities
* Experience working within an outsourced or multi-supplier environment
* Good technical understanding of IT infrastructure and security technologies
* Ability to explain technical risks and concepts to a range of audiences across the organisation
* Experience supporting audits, compliance frameworks or certification processes
* An interest in staying up to date with emerging threats, trends and best practice in information security
We anticipate that remote interviews will take place from the week commencing the 15th of June onwards and the evaluation process will include a online task.
To apply for this exciting new opportunity, please complete an application via our recruitment portal. We are particularly interested in learning of your motivations for applying.
As an equal opportunity employer, we actively encourage applications from all sections of the community. Sightsavers is a Disability Confident Leader and qualified people with a disability are particularly encouraged to apply.
Sightsavers is an employer that does not tolerate any form of harassment and has zero tolerance for sexual exploitation and abuse. All potential candidates will be subjected to rigorous background checks and controls.
#J-18808-Ljbffr