Avayler - Information Security Manager

As a provider of software and associated services, it is imperative that Avayler works to a recognised compliance standard, in the instance ISO27001.
The purpose of the role is to be responsible for the management and maintenance of the InfoSec system to ensure the retention of the certification.
It will also include driving continuous improvement of Avayler information security items across the business and promoting additional awareness and education.
Additionally, for Avayler to continue to attract and on board clients, it is crucial that we can evidence and demonstrate that we have achieved certification and work to agreed and approved process and procedures.

The role encompasses developing, implementing, and maintaining an organization's information security policies and procedures, ensuring the confidentiality, integrity, and availability of data by assessing risks, identifying vulnerabilities, and implementing security controls across systems, networks, and applications, while also educating employees on security awareness and responding to security incidents when they occur

Key Accountabilities

• Lead on developing and implementing information security policies and procedures.
• Conducting risk assessments to assess and mitigate security risks
• Monitoring and ensuring compliance with relevant industry regulations and standards
• Managing Security Incidents: owner for planning, communicating and implementing activities for any information security management breaches
• Collaborating with stakeholders (interested parties)
• Responsible for any internal communications around information security
• Lead monthly sessions with document owners to ensure documents are relevant and up to date
• Ensure training records are up to date and security awareness training is being completed as necessary
• Coordinate execution of Internal audits and follow up actions to address any findings
• Coordinate execution of external audits and follow up actions to address any findings
• Coordinate continuity testing, communicate outcomes and document any findings.
• Lead on quarterly management reviews

Key Skills

• Excellent communication skills for informing and enlightening interested parties on information security matters
• A client-centric mindset and a passion for problem-solving.
• A strong understanding of ISO27001 purpose and requirements
• A detailed and forensic approach to maintaining Information security related items
• Solid understanding of our products and services, with the ability to adapt to new technologies.
• Strong problem-solving skills to tackle technical challenges.
• Ability to think outside of the box and come up with innovative solutions.
• Willingness to explore alternative methods and strategies.
• Technical know how & an understanding of cloud-based applications.
• 3 years’ experience working in a SaaS organisation.
• Solid understanding of SaaS products and services.

Not sure you meet all the criteria? We'd encourage you to take the wheel and apply anyway! At Halfords we are committed to creating an inclusive workplace for our colleagues. We're an equal opportunities employer and proud to welcome applications from all backgrounds and embrace diversity within our one Halfords Family.