NSE ISMS Cybersecurity Manager

1. We build teams of future thinkers, with diverse talents and backgrounds, and empower them all to reach for and achieve more.
2. The ISMS Manager will be responsible for leading our efforts in establishing, implementing, and maintaining our ISMS requirements across NSE.
3. The person will play a key role in consolidating ISMS activities across each NSE geo where applicable as well as supporting ongoing certification requirements.

NSE ISMS Cybersecurity Manager, 12-24 Month FTC / Secondment

Req: 16844

Connect To Your Industry

To work in an innovative and creative Information Security team. A world class operation with extensive knowledge and experience. Interfacing with business and technical teams and bringing about change and influence across the whole world of Deloitte. Apply your skills here to make things happen, great people, great purpose and passionate about our work.

Connect To Your Career At Deloitte:

Deloitte drives progress. Using our vast range of expertise, that covers audit, risk advisory, and consulting services across tax, legal, business, technology and corporate finance, we help our clients become leaders wherever they choose to compete. To do this, we invest in outstanding people. We build teams of future thinkers, with diverse talents and backgrounds, and empower them all to reach for and achieve more.

What brings us all together at Deloitte? It’s how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for measurable impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.

Connect To Your Opportunity:

• The ISMS Manager will be responsible for leading our efforts in establishing, implementing, and maintaining our ISMS requirements across NSE. The person will play a key role in consolidating ISMS activities across each NSE geo where applicable as well as supporting ongoing certification requirements.
• Work with each NSE geo to coordinate ISMS maintenance activities and ensure audit readiness.
• Establish and maintain common ISMS artefacts, including applicable scoping documents, policies and standards and risk treatment documentation.
• Collaborate with cross functional teams across NSE to ensure mandated security controls and risk treatment plans are integrated into business processes and IT systems.
• Assist in the coordination of ISMS control monitoring activities across NSE.
• Liaise with internal audit as part of their regular ISMS internal audits and assist with audit remediation activities.
• Stay informed about the latest trends and developments in information security, the ISO 27001 standard and supporting guidelines, and proactively recommend enhancements to the ISMS.
• Prepare and present comprehensive reports on the status of ISMS implementation across NSE.
• Ensure that ISMS implementation is integrated into the Information Security Strategy and Operating Model.
• Provide inputs to relevant governance bodies e.g. NSE Security Council (including ISMS metrics, reports, risks and incident details, progress reporting and escalation matters).

Connect To Your Skills And Professional Experience:

Essential:

• Extensive and in-depth experience of information security, management systems and risk management practices.
• Extensive and in-depth experience of information security frameworks, including the ISO 27001 standard and support guidance documentation including ISO 27002.
• Effective business communication skills to inform, partner, influence and manage key stakeholders to embed effective information security activities and processes.
• Ability to lead and collaborate with cross functional teams in a dynamic environment.
• Good understanding of balancing the role between business stakeholders and a central service organisation.
• Business acumen, ability to take a strategic and commercial view
• Knowledge of European Union Directives including privacy regulations and cross border personal data transfer requirements (GDPR), as well as incident response handling procedures.
• Up-to-date knowledge of cyber and information security trends and threats.

Desirable:

• Professional certification in CISSP, CISM or equivalent is considered an advantage.
• Prior experience of leading transformation initiatives and strong programme management skills are highly desirable

Connect To Your Business - Enabling Functions:

Collaboration is central to everything we do at Deloitte. Bringing your individual skills and experience, and sharing your specialist knowledge, is how you’ll make a far-reaching impact. Come join us.