Information Security and Governance Manager

Psychology Tools Limited
Posted 8 days ago, valid for 20 days
Location

Reading, Berkshire RG17LT, England

Salary

£44,000 - £52,000 per annum

Contract type

Full Time

By applying, a The Guardian Jobs account will be created for you. The Guardian Jobs's Terms & Conditions and Privacy Policy will apply.

Sonic Summary

  • Psychology Tools is seeking an Information Security and Governance Manager to join their team, focusing on information security management and HIPAA compliance.
  • The role requires a graduate in Cyber Security or relevant work experience, ideally in a HIPAA compliant setting, along with knowledge of ISO27001.
  • Candidates should have at least 3-5 years of experience in information security management systems and be able to communicate effectively at all levels.
  • The position offers a competitive salary ranging from £44,000 to £52,000, depending on qualifications and experience.
  • Benefits include a contributory pension scheme and 25 days of holiday, within a supportive and collaborative work environment.

About Us

Psychology Tools (psychologytools.com) is an online platform publishing evidence-based therapy resources for clinical professionals. We are a small team of passionate individuals, intent on creating best-in-class resources and making them available to our customers in innovative formats.

Role Overview

We are seeking to appoint an Information Security and Governance Manager to join our growing team to manage our on-going information security management and HIPAA compliance requirements. You will be responsible for achieving ISO27001 certification and for the development of plans to improve our information security management system and policies, ensuring that staff are kept informed and trained to a high standard. Operating in the healthcare sector, we can hold sensitive data and so having good practical experience and knowledge of best security practices is essential, ideally including a knowledge of HIPAA compliance.

Key Responsibilities

  • To develop and maintain the information security policy and accompanying standards, procedures and guidance in order to gain and maintain ISO27001 certification
  • To develop and deliver a programme of planned compliance reviews and regular risk assessments and to identify and mitigate security risks and address gaps
  • Ensure secure implementation and maintenance of cloud-based solutions for secure storage of sensitive data
  • To promote security awareness by developing and implementing a security awareness and training programme
  • To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken
  • Produce regular reports for the Chief Operating Officer and Board as required
  • Respond to enquiries from staff and provide security advice as required
  • Work with internal stakeholders to develop relationships to help promote and improve information security and provide security advice on procurements, projects and new initiatives as required
  • Work with external suppliers and auditors as required
  • Maintain a good working knowledge of emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies

Qualifications and experience

  • Graduate in Cyber Security or Information Security; or
  • Work experience at a level demonstrating ability to successfully implement or manage information security management systems and security risks, ideally in a HIPAA compliant setting
  • A good working knowledge of ISO27001 and, ideally, HIPAA compliance and/or Cyber Essentials Plus
  • Ability to influence on matters relating to security and information risk
  • Good verbal and written communication skills and able to communicate effectively at all levels
  • Ability to manage time and priorities appropriately
  • Positive attitude towards learning and development demonstrated by a record of continuing development

The successful candidate will ideally also have experience with some or all of the following:

  • An understanding of the Data Protection Act, the Freedom of Information Act and other related legislation, including standards and codes of practice
  • One or more Information Security Certificates from the following list:
    • CISSP (Certified Information Systems Security Professional)
    • CISM (Certified Information Security Manager)
    • ISO27001 Lead Implementer or equivalent
    • CISA (Certified Information Systems Auditor)

What We Offer

  • An opportunity to contribute to a growing, mission-driven organisation focused on mental health
  • A collaborative, flexible and supportive work environment
  • Competitive salary of £44,000 - £52,000 dependent upon qualifications and experience.
  • Contributory pension scheme
  • 25 days holiday

How to Apply

Please submit your CV and a cover letter detailing your relevant experience and interest in the role via the button below.

Psychology Tools is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Agencies: We are not able to accept applicants and unsolicited interest via recruitment agencies.
