Information And Cyber Security Manager

OverviewAbout RM

At RM, we are focused on delivering technology and resources to the education sector, supporting schools, teachers and earners, enabling the improvement of education outcomes worldwide. We work across the industry from pre-school to higher education and professional qualifications, our customers include schools, examination boards, central governments and other professional institutions. We have a clear purpose to enrich the lives of learners worldwide.

 

The Information and Cyber Security Manager is a new role that will be integral to the company's continued success. It is a high profile leadership role so the job holder will need a strong background in all aspects of Information Security as well as being able to influence up, down and across the business to ensure security policy and procedures are developed and implemented successfully.

 

The role is primarily focussed on the Assessment division, but will be expected to engage with the other RM divisions and central IT in order to ensure alignment across the RM Group.

 

The job holder will be responsible for ensuring RM Group security policies are implemented effectively within the Assessment division, while also defining and applying divisional specific security requirements based on the unique customer, product and service context of the Assessment division.  This will require the job holder to form robust relationships with all managers and teams across RM, including product and service design, development and service delivery areas.

 

It is also expected that this role keeps abreast of security best practice and existing and emerging security threats, ensuring security risks are understood and appropriately owned and managed.

 

There is currently one direct report to this role, a Quality & Governance Consultant who manages our ISMS, BCMS and Quality processes in line with our ISO 27001, 22301 and 9001 certifications.

Responsibilities

Leadership

• Report on, advise and provide recommendations to the Senior Leadership Team on all aspects of security.
• Be visible across RM Assessment as the Security Subject Matter Expert, providing guidance and ensuring all members of the division are informed and trained in our security polices, and are supported in implementing them.
• Provide security leadership and support to the Architecture, Engineering and Operational teams as they develop and run our products and services.
• Support division specific vendor selection, audit and management

Policy & Procedure

• Implement the RM Group security policies and standards within the Assessment division.
• Define and own divisional security standards for our Assessment products and services.
• Monitor and report on the implementation of policy and standards across the Assessment division.
• Drive continual improvement in all aspects of security within the Assessment division

Customer

• Work with our customer account teams to help them understand legal, regulatory and contractual commitments that relate to security. This applies to the UK and other territories where RM Assessment operates.
• Attend customer meetings from time to time to support the account team and provide security expertise.

Risk & Incident

• Identify and manage security risks, ensuring they are appropriately owned with suitable mitigation plans put in place.
• Understand the security threat landscape and propose appropriate mitigations
• Lead the response to any security incidents

Governance

• Implement a governance framework to ensure products and services are designed and built in line with policies and standards.
• Contribute to the strategy for our security certifications.
• Ensure existing ISO certifications are maintained in line with strategy.

Experience

• Experience of working in a cloud based software product environment.
• Excellent understanding of GDPR and other data protection regulations
• Experience of ISO 27001 framework
• Understanding of other security standards and certifications
• Experience with operating in a regulatory environment
• Strong understanding of industry standard security best practice
• Ability to develop business relationships at all levels of the organisation to avoid SILO mentality, share ideas and get the job done with the support of the business.
• Robust interpersonal skills with proven ability of organisational planning, resource mobilisation and problem solving

• Ability to develop cohesive working relationships with internal/external stakeholders, on-shore and off-shore
• Ability to develop customer relationships

• Experience of working at a senior level within a matrixed organisation
• Ability to work effectively under pressure with competing and rapidly changing priorities
• Ability to bring analytical rigour and structure and effective solutions to problems
• Strong communication skills - applicable through multiple channels (written, spoken, workshops, presentations)

What's in it for you? 

As well as a competitive salary, you could earn a performance related bonus and you would receive our core benefits package which includes private medical healthcare, life assurance and a Group Personal Pension Plan with higher contribution levels available. 

 

There are lots of voluntary benefits too. You could buy additional annual leave, join our dental plan, sign for a health assessment or take part in our cycle to work scheme. You could even earn yourself an extra bonus for successfully recommending a friend or family member for a position within RM. 

 

At RM we are committed to building a workforce which reflects the diversity of the customers and communities we serve, and to creating an inclusive and flexible workplace where all our colleagues can be themselves and succeed on merit. 

 

At RM we recently introduced My Work Blend @RM which provides office based colleagues with multi location and hybrid working. As well as your office base you can spend a proportion of your time working at other locations that suit your role and your life, including home, other offices, customer sites, distribution centres or on the move. We encourage you to discuss arrangements for this role with your potential line manager during the recruitment process. We expect how we make best use of hybrid working may continue to adapt as we adjust to our new ways of working. 

Employment Type: OTHER