Please check your email .
Information Security Manager required for a global business, based in Aberdeen.
A global player in the Energy sector, they are in a stable position given the current economic climate. With IT being centralised in Aberdeen, as well as many other key functions, the role is for an experienced InfoSec specialist to help to maintain and grow the function and to ensure security is paramount across the business.
On top of the traditional oil and gas production, this organisation are ahead of the curve in renewable energy also and this area is very much kicking off. As they are a fairly large business, they continue to acquire other companies and you will additionally be responsible for integrating Information Security effectively across these new acquisitions. Regarding working from home, currently it is a fully WFH position, however after Covid you can be home based for up to 2 days a week.
Reporting directly into the IT Security Director, you will be responsible for managing the Information Security across the business and multiple sites. You will need to provide internal consultancy and have strong stakeholder management across many different users and groups. You will have influence across the organisation and where you will need some technical knowledge, this is largely about getting the right processes and protocols in place.
Working closely with the IT Security Analyst, you will adhere to best practice and understand what the business needs. With a fair amount of IT being outsourced also, you will need to work with and manage third-party suppliers as well as overseeing some sub-contractors. Providing clear direction on Information Security governance and the development and the delivery of Information Security practices across the business, is key.
** Manage & maintain the information security risk-based policies in order to meet the organisations security goals and standards
** Manage governance of global cyber security framework including regular compliance reviews & reporting
** Manage the Cyber Security awareness programme and incidents
** Engage with senior business stakeholders to promote and improve cyber security and data protection within key business processes
What you will need to have:
** Background in managing InfoSec in a medium to large scale business, ideally with global reach
** Experience governing cyber security control framework(s) (e.g. NIST, IMO, ISO)
** Proven experience or awareness of Major Cyber Incident management and recovery
** Third party and internal contractor management
** Proven experience of governance or ensuring delivery of third-party or internal SOC
** Any security certification (e.g. CISSP, CISA, Security +)
** Good negotiation skills and the ability to communicate with business stakeholders, senior management and IT Partners
The position offers a very good overall package including strong holidays, pension scheme, private healthcare and a car allowance.
If you are interested in this role, please apply or call Hamish at Cathcart Associates