Information Security Manager – FTC

• Adherence to the Information Security Standards by control owners
• Training and Awareness Programme
• Phishing Tests of staff, reporting and training
• Actionable Threat Intelligence including Domain Monitoring, social media and Deep and Dark Web monitoring
• Data Loss Prevention/Detection – monitoring staff’s use of email and web usage to detect any non-adherence of acceptable use
• Committee papers showing KPIs/KRIS and supporting documentation.
• Third Party Reviews of suppliers
• Managing the annual risk assessment process and presenting results to senior management.
• Performing analysis and testing of controls within our internal environment.
• Managing the training and awareness program for employees globally including;
• Evaluating the trends in Human Risk, using available technology to understand the areas that require staff to be trained in
• Designing and releasing eLearning modules for all staff,
• Participating in Cyber Security Awareness month and organising educational activities.
• Writing global communications.
• Working with IT and the business to deliver key certifications and meet ever-changing regulations.
• Conducting timely Information Security assessments of third-party suppliers, recording results accurately and initiating appropriate responses.
• Participating in ad hoc projects to provide analysis on Information Security risks.

• Minimum of 5 years’ experience working within Information Security.
• Experience working in the financial industry
• Desirable Qualifications – ISACA CISA, CISM or CRISC
• Understanding of ISO27000, NIST CSF, Cyber Essentials and audit processes.
• Good written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Analytical skills and the ability to manage multiple projects under strict timelines.
• Line management/Team management experience

Barclay Simpson