Information Security Manager - Home Based

Highly Competitive Salary + Bonus

Date Posted: Wednesday 19 July 2023

 
About the role;

As Information Security Manager you will contribute to the Security practice’s growth journey.
 
This pivotal role has two key responsibilities: maintaining and improving TSG’s GRC posture, and leading and delivering on compliance-led workstreams for our clients.
 
The Information Security Manager will be responsible for the integrity of our internal systems, with a particular focus on governance and adherence to ISO27001, GDPR and Cyber Essentials frameworks. They will work both internally and client-facing, to manage our comprehensive information security programs and lead our compliance-based services. Given their experience in a similar role, they will also be able to bring new ideas, products and services that will help TSG evolve its compliance and cyber-led offerings.
 
This is a home-based role with some travel required when necessary.
 
Who are we?
 
TSG (Technology Services Group) are a Managed IT Services provider serving businesses UK-wide. At TSG our people have a passion for delivering exceptional customer service, something which is proven by our consistent world-class NPS score of +80. Our values are Team TSG, Service Excellence and Shared Growth; these sit at the core of our business, helping us to achieve our mission.
 
Why should I work for TSG?
 
It is our people that make TSG what it is and a great place to work. We put a lot of work into creating a trusted, open, fair culture and, as a result, we have been named as one of the ‘UK’s Top 100 Best Large Companies’ and one of the ‘Top 50 Technology Companies’ to work for. In addition, we have been awarded a 2 star accreditation for ‘Outstanding’ employee engagement.
 
Here’s why;  
 
  • Our open and honest culture where feedback is taken on-board and acted upon
  • The monthly wellbeing check-ins we complete with all staff and the support provided off the back of those where needed
  • Our social events. In addition to regular virtual quizzes and other ad hoc team building events, we launched the very first ‘TSG Festival’ in 2021. Team TSG’s feedback was so positive that we have decided to make it a yearly event
  • Two paid CSR days per annum that you can use towards giving something back
  • Our charity fundraising - TSG have raised over £20,000 in the last 2 years for our current chosen charity Mental Health UK. We have also recently launched our very own ‘TSG Foundation’
  • Our responsibility as a business to the environment as we are working towards becoming a net carbon zero business
  • Flexible working policy
  • Relaxed dress policy
  • Excellent progression opportunities, training and support, including recognised qualifications
 
Job responsibilities will include, but are not limited to;
 
  • Collaborate with the Chief Information Security Officer and Cyber colleagues to develop customised security strategies and solutions based on each client's specific needs and environment.
  • Act as a key point of contact between TSG and its clients, acting as a trusted advisor on compliance-led matters
  • Work with TSG’s internal teams to ensure our delivery meets the clients' expectations in terms of scope, timelines, and quality, and maintain a high level of client satisfaction
  • Assist with proactive measures around value-added security services such as writing briefings, threat reporting and marketing collateral
  • Build relationships and partner with industry recognised bodies to develop new InfoSec strategies
  • In the future, help the Security team develop new compliance-led products and services for clients
  • Safeguard TSG’s information systems and data. Oversee the ISO27001 certification process, including (but not limited to) policy reviews, external audits and stakeholder management.
  • Monitor our internal security controls to ensure they meet the relevant requirements and continuously seek ways to improve them.
  • Manage internal risk management processes, working with risk owners to mitigate risks, and report to the CISO and senior leadership through risk committee meetings on status and areas for improvement
  • Collaborate with internal teams to ensure information security awareness and compliance across the business.
  • Compliance with the General Data Protection Regulation (GDPR) and ownership of matters relating to it (including data subject access requests)
  • Provide periodic reports to senior management on the status, improvements, and challenges of the internal security program.
  • Continual improvement of the Information Security Management System's policies.
  • Assess our clients’ Information Security needs and provide subject matter expertise on matters relating to Information Security
  • Work directly with clients. Manage and deliver compliance-led products and services, assisting clients to remain compliant with relevant standards and regulations.
  • Provide clients with insights and recommendations on mitigating potential information security risks.
  • Maintain strong relationships with clients, providing them with reliable security advisory support when needed.
  • Manage multiple client workstreams and interface directly with end clients as required.
  • Work with Leadership, Cyber and Sales Teams to respond to tenders/ projects and provide pre-sales support when needed.
 
Knowledge, Skills & Experience;
 
  • At least one professional security certification such as CISM or CDPSE, but ideally CISSP.
  • Subject matter expert in ISO27001, GDPR and Data Protection.
  • Strong and practical understanding of frameworks including (but not limited to) Cyber Security Essentials plus, NIST frameworks and PCI-DSS, and of how to relate these to a business context
  • 5+ years in a similar role.
  • Experience with ISMS management.
  • Risk management experience, including performing assessments and designing controls etc.
  • Experience in Governance, Compliance and Audit.
  • Familiarity with Identity and Access Management.
  • Familiarity with Threat / Vulnerability Assessment and Management.
  • Demonstrable experience of working on multiple client engagements in a client-facing capacity and alongside Sales, Presales and Technical functions.
  • Proven experience in a similar role in cybersecurity consultancy, with a strong understanding of cybersecurity principles, protocols, and standards.
  • Proficiency with common cybersecurity tools and technologies, and a strong knowledge of current cybersecurity threats, trends, and mitigation strategies
  • Experience in developing cyber security strategy and frameworks.
  • Good general knowledge of IT systems covering traditional infrastructure and cloud/ SaaS platforms.
 
 
Benefits;
 
  • Company bonus scheme
  • 25 days annual leave + public holidays
  • Life assurance 4 x Salary
  • Contributory pension scheme at 4% matched
  • Perkbox discounts
  • Paid CSR Days
  • Company sick pay
  • Income protection cover
  • Enhanced Maternity and Paternity pay
  • Home-based and hybrid opportunities
  • Long service benefits including increased annual leave accrued with service
  • Cycle to work scheme
  • Employee recognition scheme
 
If this sounds like the role for you, please apply today to be considered.