The Canal & River Trust is one of the UK’s biggest charities and we are entrusted with the care of over 2,000 miles of waterways in England and Wales. As well as maintaining canals and rivers, we are also responsible for an extensive network of waterside infrastructure along with museums, archives and the country’s third largest collection of protected historic buildings – preserving them for future generations.
We are currently searching for our future IT Security Manager. This new position will play a vital role in the development, maintenance and implementation of an IT security strategy and policies to ensure the protection of the Trust’s IT infrastructure, systems and information in accordance with legislation, guidelines and industry best practice.
Responsible for minimising the risk to the Trusts IT systems, networks, services and information through proactive and reactive management of all aspects of IT security, ensuring that information management and security best practice is designed in from the outset, feeding into a balanced and manageable security strategy.
Act as a subject matter expert for information management and security on business and technology projects; providing consultancy from a governance, risk, compliance, audit and technical standpoint to assist and provide direction to project managers, the business and IT.
The role is also responsible for increasing Trust wide employee awareness and individual responsibilities in the area of IT security, looking to achieve permanent cultural change to better safeguard our business operations.
Experience working with project managers, stakeholders and end-users to define information management and security requirements, ensure delivery of the requirements raised, their testing and designated standards of working with operational teams, facilitating the efficient hand-over of solutions delivered.
Extensive knowledge of the information security standards, and how to ensure delivery against those standards
Experience of advising/overseeing security considerations on network and enterprise application design and implementation
Very strong inter-personal skills and experience of working collaboratively with technical and non-technical teams and external stakeholders.
Comfortable delivering training and awareness sessions to non-information management and security, and/or non-technical audiences.
Skills & Attributes
Substantial experience in an information management/information security or similar role either in a commercial or a non-for-profit environment.
Knowledge of information security standards, frameworks and best practices (ISO 27001, Standard of Good Practice for Information Security (SoGP) and/or ITU-T X. 805 -2003 an advantage)
Knowledge of compliance requirements from EU GDPR, UK FoIA and the UK DPA
Risk analysis and risk management experience (experience of MoR, ISO 27005 and/or IRAM2 an advantage)
IT project methodologies (Especially Prince2: 2017 or Agile)
Knowledge of network design and the latest technologies
Experienced in Incident Management and case handling
Ability to manage conflicting priorities, multitask and meet deadlines
Ability to analyse complex technical landscapes and evaluate technical solutions
Proven ability to produce high quality deliverables in terms of content and presentation
Proactive and self-motivated
Strong communication and interpersonal skills
Developed negotiation skills.
Strong planning and implementation skills
Well organised, and able to prioritise workload
Desirable Qualifications and Memberships
CISSP or CISM/CISMP
CIPP/E and/or CIPM
Membership of the IISP or IAPP
This vacancy offers a salary of up to £55,000, generous contributory DC Pension plan, and excellent holidays. You can learn more about the employee excellent benefits we offer here: https://canalrivertrust.org.uk/about-us/work-for-us/our-benefits
We aim to represent the diverse communities we are part of and welcome applicants from across all sectors of the community. We strongly believe that a diverse workforce brings with it a diversity of ideas, thinking and ways of working which enhances what we do.
Find out more about the work we do and opportunities we have on our website: https://canalrivertrust.org.uk/about-us