InfoSec Manager - Edinburgh Hybrid - 80K plus 30% Bonus

Lorien
Edinburgh, United Kingdom
10 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 80K

Job location

Remote
Edinburgh, United Kingdom

Tech stack

Computer Security
Data Loss
Information Security Management System

Job description

Lorien's longstanding client, an organisation with a great reputation in their domain and a healthy appreciation for how technology enables their staff and operations, is looking to hire a security-savvy professional with a passion for protecting sensitive data. Right now they're seeking an exceptional InfoSec/Information Security Manager to take the reins and lead their information security programme, safeguarding their clients, organisation data, and core systems.

They're a great firm we've seen treat those we have already introduced into their teams very well, and offer a range of incentives (including a 30% bonus, flexible hybrid working arrangements, and a comprehensive host of other benefits including private healthcare, professional development and ongoing upskilling avenues, friendly people to work with and more), so take a look and apply if this looks like a great next step for your career.

  • Develop, execute, and maintain the overarching information security strategy/policies/relevant frameworks in adherence to ISO standards and other key regulations
  • Oversee the firm's ISO 27001 accreditation and regular risk assessments, taking ownership of the register and plans
  • Draft and implement InfoSec metrics/key performance indicators/reporting (up to board level) to demonstrate security/control/initiative effectiveness
  • Audit and improve the firm's security operations across the spectrum, including incident response and escalation, best coding and config practice, and so on
  • Implement technical/strategic measures to protect key data/confidential information such as encryption/preventing data loss/DR planning/scenario testing
  • Embed and oversee 3rd party & supply chain risk management processes/procedures as well as audits and external party assessments
  • Draft up and execute initiatives such as security awareness initiatives

Requirements

  • Strong track record in the Information Security domain within regulated work settings
  • Strong knowledge of relevant information security laws/regulations/standards such as ISO 27001, GDPR, Data Protection Act, etc.
  • Ideally a relevant degree and any professional certification/s (CISSP/CISM/Lead Implementer/Auditor or equivalent)
  • Demonstrable background operating/maturing Information Security Management Systems in line with ISO standards, and leading external audits, certifications, and risk management/security awareness initiatives
  • Ability to work with representatives at any level as well as external clients/auditors/partners

About the company

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.
