Information Security Manager

40000.00 - 45000.00 GBP Annual + GBP40000 - GBP45000/annum Additional Benefits
11 Jul 2019
08 Aug 2019
Information Security Manager

Redditch, UK Wide

GBP40,000 - GBP45,000

A bit about us

Arcus is driven by over 3,000 people. We bring together the unique skills, knowledge and experience that our clients really value. Our behaviours are aligned to encourage our people to share ways of doing something better, saving time, effort or money. It is not just what we do that makes us stand out; it is how we do it that makes us truly different. That, coupled with our core values (Do it SIMPLY, Do it WELL, Do it WITH PASSION), underpins everything we do.

Your new role

As a field-based Information Security Manager you will work in and around the Redditch area with UK travel on a permanent basis. You will be responsible for leading, implementing and managing the Information Security Management System. This is a pivotal role in our IT division where you will play a key part in our ongoing growth and success. You will need a valid driving licence and access to a vehicle.

What you'll be responsible for

Conceptualise and implement an ISO 27001:2013 and GDPR compliant management system.
Manage the IT Security workstream of initiatives in order to improve information security within the organisation.
Working with the IT teams, govern day-to-day information security compliance e.g. Malware Protection, Security Incidents, Intrusion Detection Systems, Patch management compliance etc.
Integrate the new ISMS into the current Arcus Integrated Management System working with the Audit & Governance team.
Draft and implement Information Security policies throughout the group.
Build and manage a new Information Security risk management process and integrate into the wider Arcus risk management model.
Collaborate with key stakeholders and business owners for relevant disciplines, i.e. HR, IT, Audit & Governance, etc.
Provide expert advice and assurance on Information Security related activities to key personnel within the business, including the Board.
Innovate and introduce new practices, including technology recommendations for Information Security based on industry good practice.
In conjunction with the Audit & Governance team, conduct internal audits of the business functions with the criteria being: the Arcus management system, industry practice, applicable standards and legislation, and ISO 27001:2013.

To be successful in this role you will have

Experience implementing and managing an ISO 27001:2013 certified management system.
Expert and proven working knowledge of ISO 27001:2013 and GDPR.
Certified Information Security Manager (CISM) qualification is desirable.
ISO 27001:2013 or ISO 9001:2015 internal audit qualification is desirable.
PRINCE2 Foundation / Practitioner is desirable.
Knowledge of ISO 9001:2015 is desirable.

What we offer

In addition to a competitive salary, Arcus employees can enjoy 33 days annual leave, a generous contributory pension scheme of matched contributions up to 6%, a discretionary bonus scheme, gym discounts and life assurance. At Arcus we are passionate about individual development which is why we are proud to offer industry leading Learning & Development opportunities to all our staff across our organisation.

And finally...

Please note that due to the high volume of applications received, we are unable to respond to those who do not meet the required criteria for this role and only candidates who meet the minimum criteria will be contacted. Personal information which you supply to us during the recruitment process will be used for assessing candidate suitability for vacancies within Arcus. Such data includes candidate qualifications, skills, experience, employment history, current and / or expected remuneration and benefits. Information about any disclosed disability will be used to assess whether Arcus needs to make reasonable adjustments during interview, selection or employment. Such information will be shared internally, including with members of the HR and recruitment team, and managers in the business area being recruited to. We will only keep such data for as long as is necessary for the recruitment process. Should we wish to keep data for longer, e.g. for talent pooling, we will seek the candidate's consent to do so. Employment decisions are not based solely on automated decision-making.

Arcus FM has a commitment to sourcing candidates directly and as such we do not accept speculative CVs from agencies. We do, however, work with a defined list of preferred suppliers who may be invited to support us in sourcing candidates for particular roles, but, in line with our PSL, we only pay agency fees where we have a signed agreement in place and an agency has been instructed by a member of the Arcus FM recruitment team.

We do not pay agency fees where speculative and unsolicited CVs are submitted to Arcus FM or Arcus FM employees by any means other than through our agreed recruitment process. Where this is not observed, Arcus FM reserves the right to contact these candidates directly and initiate discussions without payment of any agency fee. Submission of any unsolicited CVs and proposals to Arcus FM will be deemed evidence of full and unlimited acceptance of this Agency policy.