Cyber Security Manager - Infosec
To support our great Serco team, we are recruiting our future Cyber Security Manager - Infosec ! You will work from Brussels or Frascati to ensure all information security management and data protection risks are documented, ownership assigned and managed accordingly across the business unit by relevant information asset owners and network of data protection champions and to ensure that all relevant compliances are met.
At Serco, we do not only offer a career but also the opportunity to join a community where everyone’s wellbeing matters, by living out the Serco values in all we do!
If you want to join us, apply quickly on this offer, we look forward to meet you : )
Ensuring all information security and data protection risks are recorded, reviewed, and managed to an acceptable level.
Responsibility for acceptance of risk remains with risk owner.
Accountability on data protection framework and matters to the Data Protection Officer
Ensuring all relevant compliance requirements are reviewed and that compliance can be evidenced.
Ensuring management and resolution of information security and data protection incidents and any subsequent breach to include assessment of loss, or compromise, level of impact, recommend appropriate mitigation, conduct post incident review and lessons learned.
Providing support and guidance on information security management and data protection matters , particularly understanding technical and organisational implications of new services and technologies in support of data protection impact assessments and data protection by design and default.
Experience of process and approach to facilitating information security and data protection risk assessments.
Experience in information security management and data protection related compliance requirements (e.g. DPA 2018, GDPR, PCI DSS, ISO27001, ISO27701)
Experience of analysing and assessing current and future threat landscapes, providing realistic jargon-free overview of technical and organisational risks and threats.
Experience in undertaking assurance activities (and determining correct and appropriate levels of evidence).
Defining and operating security incident response plans in accordance with Serco Incident Response System and Data Protection Framework.
IT skills are important, as is the ability to interpret technical solutions to ensure the risks are identified and appropriate controls and safeguards applied.
Knowledge of the operational sectors within the relevant business units (e.g. MoD, MoJ, Health) is vitally important.
Specific qualifications include CISM or CISSP with experience of information security management and thorough understanding of data protection / GDPR.
This role involves interaction with non-SME personnel, and the ability to simplify key messages to key stakeholders is beneficial
Any offer of employment is contingent upon you providing documents to verify your identity and employment eligibility, as required by law.
Applicants are reminded that they will be requested to produce such documentation during the recruitment process.
Please contact a member of the recruitment team if you require further details of acceptable types of documentation required for verification of identity and work authorization.
Data Protection :
When creating a profile on the Serco Career Centre you agreed to the Data Protection policy, a copy is available upon request.
You may submit a written request revoking your consent to this agreement at any time.
Corporate Benefits Package
Relocation Assistance (if applicable)
Further information available from the Serco Europe Recruitment Team