Information Security Manager

Convatec is a global medical products and technologies company, focused on solutions for the management of chronic conditions, with leading positions in advanced wound care, ostomy care, continence care, and infusion care. With
around 10,000 colleagues, we provide our products and services in almost 100 countries, united by a promise to be forever caring. Our solutions provide a range of benefits, from infection prevention and protection of at-risk skin, to improved patient outcomes and reduced care costs. Group revenues in 2023 were over $2 billion. The company is a constituent of the FTSE 100 Index (LSE:CTEC). To learn more about Convatec, please visit http://www.convatecgroup.com

At Convatec, we’re transforming our business for the better. Better products. Better ways of working. And better ways of delivering for our customers and each other. We’re aiming for nothing short of excellence. Join us on our journey to #ForeverCaring as an Information Security Manager, and you’ll do the same.

 

As an Information Security Manager, you will juggle multiple requests, manage BAU tasks, and respond to incidents, prioritizing work efficiently. You will ensure employees follow updated policies and standards, and develop a measurable training and awareness program. Bridging the gap between business and information security, you will translate risks related to confidentiality, availability, and integrity into understandable terms, ensuring necessary controls and remediation's are implemented.

Key Responsibilities 

• Evolve and maintain policies and standards in alignment with changes to the regulatory framework impacting information protection or cyber. 

• Lead and conduct periodic assessments to ensure adherence to agreed compliance requirements. 

• The information security management system is managed, reviewed, and continually improved. 

• Information asset inventory containing sensitive data is maintained and updated. 

• Ensuring Information is classified and protected across key systems.   

• Identify, report and governance over information security risks.   

• Retention periods are maintained as processes and requirements change. 

• Ensure insider risk controls are implemented and improved. 

• DLP policy is implemented any incidents are managed appropriately. 

• eDiscovery and Litigation Hold requests are fulfilled timely. 

• Information security awareness plan documented and delivered, along with metrics and KPIs which demonstrate keys risks are managed. 

• Ensure near misses and policy breaches are followed upon as necessary (with training).  

• Phishing Campaigns are delivered and ensure click rate is less than 8%. 

• Perform project reviews as per the Infosec methodology and provide infosec risks and requirements to ensure security by design across all projects.

• Perform initial vendor assessment and ongoing assurance over key vendors and service providers. (IT outsourcers and SAAS).

• Assist in implementing the Information security strategy across Convatec.  

• Ensuring security by design principles are adopted by project teams and key information security risks are managed via controls. 

Key Requirements 

• Minimum 4 years’ experience in Information Security. 

• Knowledge and understanding of information security concepts and principles. 

• Ability to work independently with limited supervision.  

• Ability to demonstrate that you can influence others (key stakeholders including business) through explanation of facts, policies, and practices. 

• Strong verbal and written communication skills.

• Ability to facilitate cross-functional teams.   

• Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts.  

Education/ Qualifications 

• Bachelor's degree in computer science, Information Systems, Software Engineering, or equivalent experience   

• CISA and/or CISM certification and or CISSP preferred

Travel Requirements 

Position may involve occasional travel up to 10% of the time. Most trips will include overnight travel. 

Working conditions 

Hybrid working – 1 day per week in the office driven by business requirements as Convatec has a flexible approach to office working.   

 

Our ambitions will bring the very best out in you. You’ll be pushed to aim higher and really own your work. You’ll be encouraged and supported to make things happen, too. It can be challenging. But, as the progress you make will help improve the lives of millions, it’ll be worth it.

This is stepping up to a challenge.

This is work that’ll move you.

#LI-AC2

#LI-Hybrid

 

Beware of scams online or from individuals claiming to represent Convatec

A formal recruitment process is required for all our opportunities prior to any offer of employment. This will include an interview confirmed by an official Convatec email address.

If you receive a suspicious approach over social media, text message, email or phone call about recruitment at Convatec, do not disclose any personal information or pay any fees whatsoever. If you’re unsure, please contact us at careers@Convatec.com.

Equal opportunities

Convatec provides equal employment opportunities for all current employees and applicants for employment. This policy means that no one will be discriminated against because of race, religion, creed, color, national origin, nationality, citizenship, ancestry, sex, age, marital status, physical or mental disability, affectional or sexual orientation, gender identity, military or veteran status, genetic predisposing characteristics or any other basis prohibited by law.

Notice to Agency and Search Firm Representatives

Convatec is not accepting unsolicited resumes from agencies and/or search firms for this job posting. Resumes submitted to any Convatec employee by a third party agency and/or search firm without a valid written and signed search agreement, will become the sole property of Convatec. No fee will be paid if a candidate is hired for this position as a result of an unsolicited agency or search firm referral. Thank you.

Already a Convatec employee?

If you are an active employee at Convatec, please do not apply here. Go to the Career Worklet on your Workday home page and View "Convatec Internal Career Site - Find Jobs". Thank you!