RSR is a public safety & enterprise security recruitment specialist. We assist public safety employers find the right talent. We assist all employers when they want to source public safety and enterprise security skills and experience.

RSR Public Safety are currently recruiting on behalf of our policing client based in Worcestershire for a Manager - Information Security. The jobholder will be leading on the delivery of the organisations Information Security programme and accreditation processes and act as subject matter expert to provide professional guidance and specialist advice for all information security and information risk matters.

This role is on a 6 month fixed term contract, offering a salary between £49,602 - £52,800

Main Duties:

• To achieve compliance with mandatory information security requirements and national reporting standards, including timely completion of annual Community and Cabinet Office Public Services Network (PSN) Codes of Connection (CoCo) and Police Digital Services (PDS) Security Assessment for Policing (SyAP)
• To recommend, review and produce policies and best practice for the ongoing management and maintenance of information security management reporting to and taking direction from the Audit, Assurance and Compliance Board.
• To be responsible for information risk assessment processes to identify, analyse, evaluate and monitor technical, procedural, physical, and personnel risks in information and information processing systems. Also responsible for identifying and supporting the implementation of security safeguards and countermeasures across the organisation.
• To lead an information security audit and compliance regime to ensure compliance with information security regulations, standards, policies, and guidance on information risk management.
• To be responsible for the compilation and maintenance of Risk Management plans and Information Risk Assessment Reports (IRAR) ensuring that the organisations IT systems are accredited and subject to accreditation review.
• To lead investigative and reporting action of all actual and suspected incidents of security significance and produce quarterly reporting returns Police Digital Services (PDS)
• To update knowledge and assimilate information in relation to changes and developments in respect of legislation, information management, and information security procedures and best practice.
• To develop a general information security training, education, and awareness programme for completion by all officers and staff and a tailored training programme for Information Asset Owners (IAO’s), senior managers and other stakeholders to include the cause, likelihood, and potential business impact of information risks.
• To actively engage all key stakeholders, including partner agencies and third party suppliers, sharing, storing or processing information owned by the organisation in the application of information security best practice and HMG standards, ensuring compliance with Home Office legislation and statutory guidance.

Essential Requirements:

• A level 5, or equivalent, qualification.
• A recognised information security qualification (such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), CESG Certified Professional (CCP) SIRA/Accreditor) or an equivalent information security qualification.
• In depth expert knowledge of GDPR and also associated Law Enforcement Directive.
• Sound practical knowledge of Accreditation and production of Information Risk Assessment Reports (IRAR).
• Sound practical knowledge of current Information Technology Standards and Techniques (including ISO 27001 series).
• Sound practical knowledge of the HMG Security Policy Framework and associated NCSC and CPNI guidance.
• Knowledge and understanding of the Technical, Human Resource, Procurement, Project, and Physical Security issues that impact upon information security.
• A sound knowledge of risk management and incident management in relation to information security.
• Experience of supporting high risk projects and process implementation.
• Demonstrable experience of developing information security strategy, policies and procedures in an enterprise environment.
• Experience of utilising and managing a risk based approach to undertaking internal audits audit and accreditation activities working with external auditors, including health checks and penetration tests.
• Ability to work to tight deadlines, respond to changing demands and deliver efficient follow-ups.
• Effective interpersonal and communication skills, both written and verbal, and the ability to explain complex issues at a variety of levels.

This role will be subject to vetting and the successful individual will be required to obtain and maintain these clearances.

If you would like to be considered for this position and have the relevant experience, then please email your CV to [email protected]

Alternatively, if this role is not for you but you do know somebody who would be interested please refer them to ourselves. We have a referral bonus scheme and will pay up in retail vouchers of your choice, for referrals who are not already known to us.

Due to the high volume of applications received, if you do not hear from us within 7 working days, I am afraid your application has been unsuccessful.

RSR Police is member of the Red Snapper Group.

The Red Snapper Group acts as an employment agency (permanent) and as an employment business (temporary) - a free and confidential service to candidates.

The Red Snapper Recruitment Group is an equal opportunities employer.