Information Security and Data Protection Manager

My client is looking for an Information Security and Data Protection manager is to ensure their information security and Data Protection risks are identified and managed under explicit management control. The successful individual with protect systems by defining policies and standards access privileges, control structure and resources ensuring that these policies meet external legislation and industry standards (ISO27001, BS100012). Preferably life insurance background or FS at very least.

RESPONSIBILITIES

- Protects systems by defining policies and standards that determine access privileges, control structures, and resources.
- Development and support implementation of information security policies and standards. Ensure data policies meet external legislation (including preparation for incoming EU DP legislation).
- Recognises problems by working with third parties and internal staff in identifying abnormalities; reporting security violations
- Identifies security improvements by assessing current situation; evaluating trends; anticipating requirements. Develop on-going risk assessment programme targeting information
- Security and data retention
- Works with IT, management, staff and OSPs to ensure security controls are understood and being effectively implemented.
- Act as Data Protection officer for the group, advising the business on appropriate data retention methods and destruction
- Ensure policies and procedures are in line with best in class industry standards (eg ISO27001, BS10012). Achieving accreditation where appropriate.
- Contributing to acquisition due diligence and implementation to ensure security standards are protected.