IT Operations / Information Security Manager - Permanent – Glasgow or Edinburgh (Hybrid / WFH)
Evolve IT Recruitment are recruiting for one of our most prestigious clients in Scotland, they are looking to hire an experienced IT Operations / Information Security Manager to join their innovative team in Edinburgh or Glasgow. As one of the leading companies in their industry, our client invests heavily in the latest technology across infrastructure and software; this role sits within the analytics space of their organisation (an area growing exponentially at present) and they are looking to scale their product offerings and client scope to deliver across the globe. Working alongside their Digital teams, you will be responsible for all elements of Information Security and IT operations, this will include being a leader on their ISO27001 and SOC2 programmes and being responsible for extensive auditing requirements.
As the business grows there is an expectation that clients (existing and new) will require due diligence reports and you will lead on ensuring the development of the roadmap for information security and governance frameworks that are at the highest standards possible. You will work with colleagues across the business (IT, security, infrastructure, and development teams) to ensure processes and controls are both implemented and improved on an ongoing basis. Our client has offices in Edinburgh and Glasgow, they are looking at a hybrid working model of 2/3 days per week in the office and the rest of the week from home – you can be based at the office that suits you best.
Role responsibilities:
- Manage the consolidation of all SOC2 controls and information gathering across the globe and ensure effective SOC2 audits are scheduled and completed
- Manage due diligence requests and maintain and appropriate knowledgebase of reference information
- Help maintain business continuity and disaster recovery plans
- Act as the key point of contact for all technology and security colleagues
- 3rd party vendor management across technology and cloud applications
- Lead various annual programme requirements such as audit, pen testing, vendor due diligence, and policy management
Ideally you will be able to demonstrate commercial experience across the following:
- Extensive background in IT Operations and Information Security
- Experience across various security frameworks such as ISO27001, SCO2, and NIST
- Experience of both internal and external auditing
- Project / Programme Management experience
- Experience with data privacy and relevant local and global regulatory standards (such as GDPR)
- Good understanding of cybersecurity and security technologies (ideally within a Microsoft stack)
Our clients offers a superb benefits package that includes pension, annual bonus, private medical insurance, income protection, and life assurance – if interested then please apply with your CV today!