Henry Nicholas are proud to be supporting one of the UK’s best known brands in the Leisure and Tourism sector. It’s an exciting time to join their Information Security team as it grows and matures. You’ll have an opportunity to work in a friendly, fast paced environment across three well-known UK Leisure industry brands
What we are looking for:
The Information Security manager will be a linchpin in the business in regards to Information Security across the enterprise, including instilling GDPR, PCI and ISO27001 policies and promoting good internal Security practice/Awareness. You will also be an integral piece in helping establish and grow the internal SOC function as well.
• Requires a broad understanding of IT and Enterprise security
• Requires operating knowledge and managing Security Operations Centre team
• Requires knowledge and experience of Incident Management
• Deep knowledge/experience with NIST Cybersecurity Framework or similar frameworks and may have knowledge of MITRE ATT&ACK framework
• May have experience of managing compliance against PCI, ISO27001
• The successful candidate may have knowledge of security solutions such as LogRhythm, Splunk, EDR end points technologies
• Strong leadership with good staff delegation, motivation, management, planning and prioritisation
• A methodical and meticulous approach
• Task driven with a willingness to take ownership and drive through to successful conclusion
• Excellent communication (written and oral) and presentation skills for technical and non-technical staff
• Strong interpersonal skills and experience of developing strong relationships with internal departments and external Security providers
Your day to day:
• Acting as the central point of contact within the business with regards to information security.
• Manages the Security Operations Centre (SOC) including Security Engineer and co-ordinate with internal departments e.g. IT and Privacy and third-party Security providers.
• Strong understanding of security controls to evaluate their effectiveness and the ability to make recommendations to reduce/control any risks identified
• You will also play a role in Incident Response Management so will need to have a strong background in the response. Monitor and keep under review the security incident management/reporting processes and maintain/monitor the information security risk register/s for specific areas/systems and the business generally
• Continually review and extend Security Playbooks
• Responsibility for relevant Security metrics and maturity improvements.
• Requires Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM) qualification is desirable
Some of the benefits of working with us:
- 20% team member discount across the brands for your family and friends
- Reward and recognition schemes including long service
- Externally recognised qualifications that will give you the opportunity to progress and develop within Bourne Leisure
- Childcare voucher scheme (subject to eligibility)
- Government pension scheme