The Information Security Assurance Manager will implement and maintain the information security management system.

You will engage with internal and external personnel and drive effective control implementation.

You will liaise with 2LOD/3LOD functions to ensure that the information security management system is aligned with the Enterprise Risk Management framework and is validated through regular auditing.

You will support regular reporting and make recommendations to functional and operational leadership to attain or maintain the desired security posture.

• Implement and maintain a deep understanding of PIC’s information security management system, ensuring controls align with risk appetite and tolerances.
• Coordinate with internal and external personnel to implement and improve security controls.
• Maintain security policies, standards, patterns, and procedures in alignment with industry standards and best practices.
• Maintain knowledge of current and future information and cyber security threats and trends, communicating with internal personnel and ensuring an effective response to changes in the threat landscape.
• Support project teams to ensure compliance with PIC’s information security management system and industry best practices.
• Facilitate internal and external assurance activities, engaging with 2LOD, 3LOD, third parties, outsourcers, customers, and regulators.
• Build strong working relationships across the business.
• Facilitate effective information security practices and governance.
•  Advise senior management on information security risk levels and security posture, threat levels and response capability.
• Enforce strong security adherence across PIC, including developing and delivering training and security awareness programmes.
• Communicate the value of information security throughout the organization.
• Carry out information security risk assessments and engage in business impact analysis activities.
• Facilitate information security reporting activities.

Requirements

• Strong knowledge of working in information security risk management
• Thorough understanding of information security risk management practices.
• Knowledge and experience of managing information security risk including processes for monitoring and assessing key controls.
• Experience implementing and maintaining an Information Security Management System such as ISO27001 or similar recognised standard.
• Highly responsive, adapts to changing circumstances and priorities.
• A self-starter with a positive ‘can-do’ attitude, who works collaboratively to achieve results.
• Ability to research and distil threat and trend information.
• Ability to communicate effectively with internal and external stakeholders.
• Proactive, decisive, and effective at delivering results.

Benefits

• In addition to a competitive base salary and the opportunity to participate in our annual, performance-related bonus plan, upon joining us here at Pension Insurance Corporation, you'll get access to some great benefits, including private medical insurance, 28 days' annual leave (excluding bank holidays), a generous pension scheme and much more.
• This role offers hybrid working, and we are open to discussing flexible working arrangements too.

Turner & Townsend  

Fortinet  

Wood  

Technip Energies  

Boskalis  

Delivery Hero  

General Civil Aviation Authority  

AECOM  

Abu Dhabi Islamic Bank  

AccorCorpo