Information Security Manager

About the Company: Our Client, a small company with a big heart based in North London. They are passionate about transforming lives through their sight-saving procedures. Their supportive team culture and commitment to personal and professional growth make them unique place to work. About the Role: The purpose of the role is to manage all aspects of their information security within the organisation's IT. The role will include maintaining security systems, overseeing vulnerability testing, and penetration tests to identify and address risks and vulnerabilities. The role will lead on best security practices across the business and provide hands-on technical experience to resolve security vulnerabilities, including MS 365 and Azure. The candidate will be effective in deploying and maintaining security infrastructure, applications, services and driving the business towards Cyber Essentials PLUS and ISO 27001 accreditation. Key Responsibilities: Deploying and maintaining security infrastructure across the division Implementing and overseeing security systems, data protection controls, and encryption Troubleshooting and resolving IT security incidents within SLA to reduce the impact Conducting and overseeing yearly vulnerability tests, ransomware, and penetration testing, identifying, and addressing any weaknesses and security gaps Working closely with our suppliers and partners to resolve any security gaps or issues Monitoring information systems and responding to any cyber-security incidents working with our partners and suppliers Qualifications: Experience as an information security manager, preferably within the healthcare sector Experience in security concepts related to routing, DNS, VPN, authentication, DDOS mitigation technologies/tools and proxy services Experiencing managing cloud security (MS Azure) improving security scores and reducing exposure scores to the right level Experience in deploying and overseeing intrusion prevention and detection protocols Experience in overseeing and driving security standards and policies across dispersed locations across the UK Experience in implementing and overseeing ISO27001 standards/controls and data protection standards. Required Skills: Certified Information Systems Security Professional (CISSP) Networking concepts related to TCP/IP, switching and routing, firewall, Forcepoint, MS Defender, and other Endpoint Security Excellent attention to detail with technical capabilities Highly motivated and able to work autonomously and alongside an agile IT team Advanced analytical and communication skills Strong IT skills, able to use all Microsoft Office applications and other systems/databases required as part of the role. Understanding of health technology, clinical applications, data, and security architecture is highly desirable. The right person must: Be able to start Immediately Be motivated to achieve targets and deliver result Be able to build and maintain exceptional relationships with colleagues. Have a consistent professional attitude demonstrated to all colleagues and customers; personable, confident, and articulate at all time Hold high level of personal integrity and confidentiality Compensation: Hybrid Work: Enjoy a flexible work-life balance with 2 days onsite in their London office and travel to other UK sites. Comprehensive benefits package (33 days annual leave, cycle to work scheme, private medical, Travel reimbursement, etc.); Free eye test and even free eye surgery! Career Growth: Opportunities for driving professional development and advancement. Impactful Work: The chance to make a real difference in patient care. Collaborative Culture: Work alongside a talented team of professionals.