Information Security Manager
Sony Pictures
London, UKThis was removed by the employer on 3/7/2019 6:53:00 AM PST
Not to worry we have many other jobs on the site;
Browse all jobs
Browse the IS/IT Category
Browse the Studio Category
Search for Information Security Manager jobs in London-UK
Search all Information Security Manager postings
Full Time Job
Information Security Manager
Overview:
The Information Security Manager will be based in London UK, reporting to the regional Information Security Director and will assist in the delivery of the Sony Pictures Entertainment information security program to offices and employees in the Europe, Middle East and Africa region.
The responsibilities of the Information Security Manager will include:
• Managing multiple aspects of the information security program, including policy, compliance, risk management, and ad-hoc consultancy to the business
• Engaging with business stakeholders to understand business practices; gathering and facilitating the convergence of business, technical and security requirements; liaising with IT to align the environment with existing and future requirements
• Risk assessing external entities (e.g. vendors, suppliers, partners, joint ventures); assisting with due diligence reviews of merger and acquisition deals
• Collaborating with IT to ensure security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
• Providing support and guidance on legal and regulatory compliance including data privacy
• Tracking and coordinating the remediation of security vulnerabilities
• Delivering security awareness training to employees
Breakdown of Core Responsibilities:
40% Risk management; ad-hoc consultancy; requirements gathering
30% Compliance; system platform validation; vulnerability management; reporting
20% Policy exception handling; security awareness training
10% Reviewing processes, procedures, guidelines, and solutions
Some travel may be required within region. Out-of-hours support may be required depending on nature of the operations.
The ideal candidate will have the following:
• 4-6 years' experience in a similar role working within information security management.
• Excellent understanding of information security concepts, protocols, industry best practices and strategies; analytical skills to evaluate security requirements and relate them to appropriate security controls.
• Detailed knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an understanding of the business impact of security tools, technologies and policies.
• Practiced proficiency in performing risk, business impact, control and vulnerability assessments.
• Well-versed in network and web application vulnerability scanning and associated risk treatment.
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with IT, project and application development teams, management and business personnel.
• Ability to build effective working relationships, working inclusively with stakeholders to understand their business requirements.
• Demonstrable experience working with common information security management frameworks, such as ISO 27001, COBIT and NIST frameworks.
• Ability to perform under high pressure in a dynamic environment to strict deadlines, with the ability to address multiple activities concurrently.
• Experience working within Information Security Management System's and information security governance
• Broad Knowledge of IT Architecture & Underpinning Technologies including;
• Network architecture (routers, switches and load balancers)
• Security technologies (firewalls, IDS/IPS/UTM, advanced endpoint security, AV, FIM)
• Operating systems (Windows, OS X, Linux and UNIX)
• Application architecture (databases, web, middleware, virtual)
• Software development (SDLC, compiled and interpreted languages, SVN)
Desirable
• Understanding of the role of Information Security in the Software Development Life Cycle
• Knowledge of Agile & Waterfall project management methodologies
• CISM, CISSP, CRISC, CISA, ISO2700x qualifications advantageous
If this sounds like you, we would love to hear from you, please click ''Apply Now'', and please attach a copy of your CV to your application too.