Job details

Aberdeen - Westhill, London - Sutton
Beware Recruitment Scams
Please be on your guard against recruitment scams. These are increasingly being carried out online through false job advertisements, job websites, unsolicited emails, or bogus recruiters purporting to be from Subsea 7. As a company, we treat this fraud very seriously, and ask that you read our Recruitment Fraud guidance, to help you spot the signs of a scam.

Sorry, this vacancy is now closed

Vacancy information

ROLE DESCRIPTION

The Information Security Manager role will be responsible for providing a ‘Centre of Excellence’ for Information Security by providing internal consultancy and practical assistance on all information security risk and control matters. This position can be based in our Aberdeen or Sutton Office

This will involve working with internal departments and service partners to provide clear direction on Information Security governance and the development and the delivery of Information Security practices across the business.

KEY RESPONSIBILITIES

  • Manage & maintain information security risk based policies and procedures to meet the organizational security goals and standards
  • Manage governance of global cyber security framework including regular compliance reviews & reporting
  • Manage cyber security awareness programme and communication
  • Manage Major Cyber Security Incidents with business stakeholders and third parties and implement scenario planning and testing program
  • Engage with senior business stakeholders to promote and improve cyber security within key business processes (e.g. Supply Chain, HR)
  • Assist key business stakeholders to ensure Data protection and any other information security regulations are supported by IT systems and processes.
  • Assist with IT audit and compliance services
  • Assist with ongoing operational security queries, changes and requests.
  • Maintain current knowledge of industry best practices for cyber security strategy, design and operational support

KEY RELATIONSHIPS/ STAKEHOLDERS       

External

  • Industry peers
  • Relevant authorities, including audit partners
  • Key IT service partners
  • Key business partners, including clients and joint venture partners
  • Relevant professional bodies, classification societies, standardisation organisations

Internal

  • Heads of Business function and Senior Management
  • Other IT colleagues across the full range of disciplines

PERSON SPECIFICATION

  • Significant experience delivering Information Security across organisation
  • Experience governing cyber security control framework(s) (e.g. NIST, IMO, ISO)
  • Experience in delivering Information Security in modern digital workplace and cloud infrastructure
  • Proven experience or awareness of Major Cyber Incident management and recovery
  • Proven experience of governance or ensuring delivery of third-party or internal SOC (Security Operations Centre(s)
  • Preferred knowledge of cyber risk in Maritime industry and OT (Operational Technology)/SCADA infrastructure
  • Preferred degree level education, or equivalent experience
  • Preferred security certification (e.g. CISSP, CISA, Security +)
  • Preferred information security and data protection regulatory compliance experience (e.g. GDPR)
  • Preferred ITIL qualifications
  • Operates with the highest level of confidentiality
  • Evidence of good leadership skills and self-motivation.
  • Evidence of ability to work under pressure and meet tight deadlines.
  • Good negotiation skills and the ability to communicate with business stakeholders, senior management and IT Partners with a positive approach to customer care
  • Good understanding of IT infrastructure & applications with knowledge of industry standards and current technology trends