Security Compliance Manager
London
Time Type: Full time
Area of Business: Cyber Security
Location: Hammersmith - Griffin House Hammersmith Road
Job ID: 00033698
About the role
As the Security Compliance Manager, it'll be your job to implement and operate the information security management system, in accordance with ISO27001 and any future standard or set of requirements (such as the Telecoms Security Act). You'll ensure all supporting compliance documentation, such as the Information Security Compliance Toolkit (including Asset Register, Business Impact Assessment, Risk Treatment Plan, Statement of Applicability and Control Maturity), as well as Policies and Standards, is accurate, up to date and available. You'll manage and renew all VMO2 certificates and accreditations on time and within budget, including but not limited to: ISO27001, PSN Encryption, GCN, DNSP, Cyber Essentials Plus, HSCN.
It'll also be your job to manage and deliver all required Penetration Testing and IT Health Checks on time and within budget to support all VMO2 certificates and accreditations. This includes the relationships with our partners to maximise quality, cost and availability.
As well as all of that, you'll plan, manage and carry out internal audits for all compliant teams and sites, and deliver clear reports against the internal audit programme in order to maintain compliance with ISO27001 and any future standard or set of requirements (such as the Telecoms Security Act).
Who we are
It's the Security Compliance team's job to protect the confidentiality, integrity and availability of information assets and systems. The team delivers effectively through the understanding and provision of guidance and monitoring related to regulation, legislation, international standards and industry best in class for information security.
At Virgin Media O2 we're going All In to remove bias and barriers for our people and our candidates. We're working hard to achieve bold ambitions, to help us better represent the diverse communities we serve across the UK. As an equal opportunities employer, we support and encourage you to be your authentic self throughout your application journey.
The must haves
In order to be considered, you must have the following experience:
- Proven experience of implementing and managing compliance in an information security role in a large commercial organisation
- Good understanding of risk management
- Good understanding of IT and networking principles
- Experience delivering internal audits
- Experience managing controls in standards such as ISO 27001, Cyber Essentials and/or legal and regulatory legislation such as SOX, PCI or GDPR
The other stuff we're looking for
We'd also love you to bring:
- Educated to degree level or holding a professional qualification (e.g. CISSP, CISM, ISO 27001 Auditor / Implementer)
- Experience of analysing, reporting and presenting data in multiple ways
- Management of Penetration Testing, IT Health Checks, and other Security Testing
- Be able to hold security clearance, minimum of BPSS up to and inclusive of NPPV L3 and SC
What's in it for you?
We know that benefits mean so much more than the 'stuff' we can give you, so we offer a wide range of support, rewards and tools - all focused on helping you to prioritise what really matters.
All work and no play just isn't our style! We're already planning our future ways of working, for when life becomes a little more normal again. We're constantly evolving our approach to enable you to find a great work life balance.
If we feel like a place where you can belong, we'd love to learn more about you. Once you've submitted an application, the next steps of the process, if successful, are likely to include a Saville Wave assessment and a competency-based interview.
When you apply, you'll be asked about any adjustments you might need to support the recruitment process. Let us know, and we'll be sure to discuss it with you. Thanks for your patience in the meantime and for showing an interest in joining the Virgin Media O2 family.