TXM Recruit are currently looking for a IT Information Security Manager on a permanent basis for a large Train Operating Company in Derby.

Role Summary:
Information security is a key function within IT to ensure the company can protect its own information, systems and staff from Cyberattacks. Provide advice and guidance to directors, management and staff at all levels in IT risk, control, compliance and governance issues.

Role Responsibilities:

• Perform regular reviews of where the company currently sits in regards to ISO 27001 compliance and identify the risks created by non-compliance.
• Formulate and maintain an IT and Data Security implementation plan in conjunction with the IT team and the Internal Audit and Compliance function to provide a professional IT and data security risk assurance and audit service to the business.
• Contribute to the design of the policies, procedures and controls required to mitigate IT and data security risks into the wider business.
• Develop detailed work plans to assess and report on the business compliance with all IT Security requirements including, but not limited to, Cyber Essentials, Network and Information Systems (NIS) Directive, National Railways Security Programme (NRSP) and PCI DSS.
• Promote the continuous improvement of IT Security risk management and control processes by developing a proactive, customer-focused relationship with management, ensuring that issues identified are resolved.
• Be responsible for the stewardship of electronic assets and data throughout the organisation, including recording, retention and disposal.
• Manage own workload including planning the scope, aim and objective of each review, with a view to ensuring that key risk areas are assessed and evaluated.
• Communicate key issues and solutions to management by producing clear, concise and timely reports, presentations, etc.
• Develop and enhance technical, inter-personal and managerial skills and business awareness.
• Work closely with Internal Audit team to support the delivery of the annual assurance and compliance plan.

Role Requirements:

• Appropriate level of proven experience in a similar information security role
• Experience of implementing ISO 27001 standards in a rapidly changing organisation.
• ITIL V3 certification or similar
• Understanding of PCI DSS
• Experience of managing and auditing compliance with GDPR
• IT security audit experience desirable
• Excellent analytical skills, together with an attention to detail
• Self-motivated and well organised.
• Excellent verbal and written communication skills & ability to deal with individuals at all levels.

Company Benefits:

• Defined benefit pension scheme from day one (RPS), IWDC section if fixed term contract.
• Flexible hours and hybrid working (dependent on role)
• 32 days holiday, rising to 34 after 2 years
• Discounted train tickets for Friends & Family 20 per year
• Exclusive employee discount scheme offering fantastic savings on high-street and online retailers available through Hapi App
• Halfords Cycle2Work Scheme.
• Employee Assistance Programme and wellbeing benefits (inc. Healthshield, free eye tests/glasses) available through Hapi App
• Childcare vouchers
• Staff recognition scheme (e.g. vouchers) and annual staff awards

If you are interested in a confidential conversation about the role please click 'APPLY' and we will be in touch.