Information Security Manager

Instanda Digital insurance solution that enables carriers, brokers, and MGAs to design, build and launch insurance products. Learn more. View company page INSTANDA - pushing the boundaries of Insurance Technology. About us: INSTANDA is the world s first no-code cloud -based platform, we are changing the way Insurers can design and deliver insurance products to market, allowing them to configure new products at speed completely disrupting the legacy norms in the industry. INSTANDA has grown significantly in recent years, and we are now a team of 180+ employees primarily based in the UK and US, with partnerships that operate worldwide. We're continuing to grow our business, and Client Delivery is at the forefront of our growth plans, with partnerships that operate worldwide. Our company was built by looking at the world through a different lens and our culture today reflects that by encouraging you to be yourself, speak your mind, and share your opinions. We want people who want to push themselves, be part of something great, and be prepared to challenge themselves if they think there is a better way. Collaboration sits at the heart of how we operate, it has fuelled our growth enormously and our aim to be world class . People at INSTANDA not only have a real sense of shared ownership but are granted share options to benefit from our long-term success making everyone an owner of the business. So if this sounds like the place you can thrive in and grow your career, please keep reading! We re looking for an experienced Information Security Manager who will lead, plan and execute our Info Sec strategy. You will play a key role in assuring the activities of INSTANDA and a number of our 3rdParty partners. Competent around technology, security frameworks and the cyber threat environment, you will own assurance processes, contribute to a multitude of projects and be involved in decision making. Your input will be critical to the maintenance and development of Information Security compliance and assurance across the INSTANDA estate and across 3rdparties. A self-starter, you will be comfortable with ambiguity and a lack of detail and be someone who can develop concepts and work with a broad array of individuals and problems. Playing a leading role within InfoSec, with your reach and activity enabling security as a principal consideration across INSTANDA. Responsibilities will include: Overseeing the INSTANDA information security management system (ISMS) including the implementation and maintenance of the ISMS across the business; Be a key member of the ISO27001 Steering Committee; Engage with external security service providers to ensure support is at the required standards and in line with our business needs; Create and maintain security documentation to support the sales process with our clients, and responding to their questions as a respected SME; Design and implement the internal security education and awareness programmes; Drive the maturity of existing security controls across multiple teams, and in collaboration with colleagues across INSTANDA; Proactively identify opportunities to mentor and develop colleagues on all aspect of InfoSec, and; Collaborate effectively within internal colleagues in security critical roles to ensure InfoSec is embedded and understood. Requirements You ll have demonstrable, proven experience within the following areas: You ll be a proactive self-starter, with a proven track record of building and owning an InfoSec strategy; running your own projects. You ll effectively manage stakeholders, demonstrating high levels of resilience as you seek to influence at all levels within our business. Accreditation in at least one of the following: o Certified Information Systems Security Professional (CISSP) o Certified Information Systems Auditor (CISA) o Certified Information Security Manager (CISM) Experience of working with internal and external auditors; Security Frameworks: you ll be the go-to person within InfoSec for the real-world perspective of their implementation, security considerations and impact to decisions. ISO27001: you will have previous experience of working in an ISO27001 environment with an excellent understanding of InfoSec best practice. Assurance Principles: y ou will play a central role in the maintenance of 3rd party assurance, providing InfoSec guidance to Project Managers; Account Managers and individuals who are looking to work with external firms to drive INSTANDA business operations forward. Stakeholder Management: your ability to influence and educate others on InfoSec principals and best practice is fundamental to this role. You ll be engaging laterally and vertically with multiple internal stakeholders within INSTANDA to ExCo level. Cyber Threats: you will have proven knowledge around industry developments and adjustments to the nature and character of cyber threats. Networking Principles: a t times, you ll need to influence decisions on the design and implementation of changes to the INSTANDA networks, based on your understanding of data flows and network principles, as well as your grasp of security frameworks and controls in place. Generous 28 days holiday allowance, in addition to public holidays. For every year of service you complete, we ll give you an additional days holiday (max. 5 days) One Dynamic Day per month on top of your holiday allowance to spend time doing the things you want to do or simply catching up with life admin. Remote & Hybrid approach varying with the nature of your role. Life cover; income protection and participation in the company pension scheme £100 per month to put towards wellness activities. Annual learning & development allowance of £1,250 Free access to LinkedIn learning and Microsoft ESI learning platforms Additional Information: This is a UK based role, you must be eligible to live and work in the UK without restriction. We are unable to offer sponsorship. Please apply directly online We are not working with any agencies or staffing firms for this role - please do not contact us. Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below. #J-18808-Ljbffr