Security Compliance Manager

  • Location: London
  • Salary: Up to £650.00 per day
  • Job Type: Contract

Posted 10 days ago

  • Sector: Technology
  • Contact: Sam Johnson
  • Duration: 6 months
  • Start Date: asap
  • Expiry Date: 12 October 2023
  • Job Ref: JN -092023-481464

Day Rate: £650 p/d inside IR35

Location: London / Hybrid

Duration: 6 months

The primary focus of this role is to safeguard the confidentiality, integrity, and availability of our information assets and systems. This entails providing effective guidance and monitoring, and ensuring adherence to regulatory and legislative requirements, international standards, and industry best practices in information security.

Key Responsibilities:

  1. Information Security Management System (ISMS):
    • Implement and manage the Information Security Management System in alignment with ISO 27001 and any future standards or requirements, such as the Telecoms Security Act.
  2. Compliance Documentation:
    • Ensure the accuracy, currency, and availability of all compliance documentation, including the Information Security Compliance Toolkit. This includes maintaining the Asset Register, Business Impact Assessment, Risk Treatment Plan, Statement of Applicability, and Control Maturity, as well as Policies and Standards.
  3. Certificate and Accreditation Management:
    • Manage and renew all relevant certificates and accreditations within budget and on time. This includes ISO 27001, GCN, DNSP, Cyber Essentials Plus, and HSCN.
  4. Penetration Testing and IT Health Checks:
    • Oversee the timely and budget-conscious execution of Penetration Testing and IT Health Checks to support certificate and accreditation requirements.
  5. Remediation Planning:
    • Collaborate with stakeholders across the organization to create and execute remediation plans within specified timeframes, ensuring compliance with all certificates and accreditations.
  6. Gap Analysis:
    • Conduct gap analyses for emerging standards or requirements like the Telecoms Security Act, offering support for their implementation.
  7. Internal Audits:
    • Plan, manage, and conduct internal audits for all compliant teams and sites. Deliver comprehensive reports as part of the internal audit program to maintain compliance with ISO 27001 and other future standards.
  8. Corrective Actions:
    • Document audit findings in a standardized format and track corrective actions to completion. Ensure that all corrective actions stemming from audits are effectively managed.
  9. External Audit Support:
    • Assist in the External Audit program by participating in planning, delivery, and corrective action management.