Information Security Compliance Manager

4 days ago


London, United Kingdom Sopra Steria Full time

Are you a Security and Compliance Manager looking for your next challenge?
Come and join our well-established IA team within the SSCL sector

As an Information Security Compliance Manager, you will be responsible for implementing the strategy, policies and working practices defined within the Information Security Management System (ISMS) and Cyber Security Strategy across the operational sectors.
The role reports directly to the Head of Information Security, defining and monitoring adherence to security policies, standards, procedures and guidelines, and ensuring the provision of awareness of security matters to SSCL.

We can offer great career progression opportunities, the ability to be based anywhere across the UK, benefits which you can flex to meet your needs, and training and development opportunities.
**What you will be doing**:
As a member of the Security team, this role will be responsible for providing expert support to deliver compliance activity that meets both internal and external ISO/IEC 27001 requirements and security frameworks.
- Ownership and responsibility for policies and controls to ensure compliance with applicable regulatory, audit, and security best practices.
- Responsible for production and maintenance of detailed security documentation and the Information Security Management System (ISMS)
- Take specific ownership of ISO/IEC 27001 actions resulting from external audit and compliance activity - facilitate interaction between the relevant teams from issue identification through to evidence collection and issue close out.
- Evaluate operational procedures and evidence artefacts to validate accuracy and appropriateness against contractual requirements, frameworks and standards. Ensure appropriate implementation of security controls in the organisation.
- Harmonisation of security policies and standards to improve SSCL response to business customer security requests.
- Partner with SMEs and stakeholders such as Internal Audit, Risk and Assurance, Information Assurance, IT, Ops Control, Facilities, SSCL HR, Architecture to identify, remediate, and track Information Security issues.
- Manage communication and feedback to SMEs to close compliance gaps where identified.
- Accommodate ad-hoc support activities, if requested, for other internal customers or external compliance activity.
- Responsible for maintaining the control descriptions for all ISO 27001 controls (Statement of Applicability).
- Ensure governance is monitored and measurable within the Security Team.
- Ensure compliance with ISO/IEC 27001, and feed non-compliance to the respective SMEs and the CISO/SIRO.
- Review and manage security risk and threat assessment (operational and system)

**What you’ll bring**:

- Information Security Manager experience with strong knowledge and experience with security policies and standards
- Technical aptitude and knowledge across the spectrum of information security solutions and operations
- Knowledge of IT security solutions and their integration and operation into business systems and processes
- Experience of building relationships with senior internal and external stakeholders
- ISO/IEC 27001 Lead Implementer/Auditor
- ISO 31000 Risk Management

**It would be great if you had**:

- Police or Government sector experience would be an advantage
- CISSP and / or CISM certified or equivalent degree in Information Security

If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply; we’d love to hear from you.

**Contract type**: Full time permanent
**Location**: Base location tbc, Hybrid variable
**Security Clearance Level**: NPPV2
**Internal Recruiter**: Marion
**Salary**: £45,000 to £55,000

**Benefits**: 25 days annual leave with the option to buy additional days, life assurance, pension, and generous flexible benefits fund

Loved reading about this job and want to know more about our company?

Shared Services Connected Ltd was established in 2013 as a joint venture between the Cabinet Office and Sopra Steria, as part of the Government’s Shared Services Strategy for Smarter Government programme, and operates from four regional centres of excellence: Blackpool, Newcastle, Newport and York. We deliver best-in-class business transformation programmes across the Public Sector with a target to release one billion pounds of savings to the public.

We have established an enviable track record in the design and delivery of large-scale innovative HR, Payroll, IT, and Finance & Accounting solutions to significantly improve efficiencies and enhance service levels across Government and Public Sector.

Our clients include a number of government agencies, including the Department for Work and Pensions, Environment Agency, Department for Education, Ministry of Justice and Home Office, as well as the Metropolitan Police Service and the Construction Industry Training Board.


