Logo of Huzzle

Security and Compliance Manager

image

Bridewell

18d ago

  • Job
    Full-time
    Senior Level
  • IT & Cybersecurity

Requirements

  • We’re looking to ensure that the successful candidate has the right attitude and behaviours to succeed in this role which include having excellent organisational skills, being proactive and take pride in everything they do.
  • Have experience of implementing and/or managing an Information Security Management System (ISO 27001) or generally managing and delivering on cyber security initiatives incl. controls design (SOC 2 etc.)
  • Be highly organised and proactive in terms of the delivery of tasks and activities that support effective outcomes.
  • Be a good communicator, listening effectively with strong written and verbal communications skills.
  • Ability to pay close attention to detail, meet deadlines and remain composed when dealing with stakeholders.
  • Demonstrate an inquisitive mindset that is focused around asking questions and continually learning.
  • Desirable (but not essential):
  • High level understanding of wider security frameworks e.g., ISO 27001, NIST CSF, PCI DSS and GDPR. Bridewell - Internal
  • Understanding of Government Security requirements, particularly List X or List N.
  • CISSP, CISM, CESG CCP, CISA, CCSK, ISO27001 certified.
  • Knowledge of Cloud environments, particularly Microsoft 365 and/or Azure.

Responsibilities

  • This role will focus on the BMS which is certified to ISO 27001, ISO 9001 and ISO 27701 and forms the basis for our SOC2 and Cyber Essentials Plus accreditations. A core element of the role is to ensure that Bridewell’s accreditation portfolio is maintained and, where required, integrate new standards. As a Security & Compliance Manager, you will operate within a dynamic and diverse working environment where you will be expected to:
  • Own and manage Bridewell’s BMS Management System from a people, process and technology perspective, working closely with key stakeholders across the business.
  • Be the primary point of contact for and manage all external auditors and partners in relation to Bridewell’s accreditation portfolio.
  • Maintain visibility of BMS activities and report progress, risks and issues to Leadership.
  • Take ownership for security initiatives and BMS planning activities and maintain an overarching initiatives plan.
  • Ensure all policies, procedures and standards are owned, reviewed, and aligned with best practice, meet industry requirements (where relevant) and remain relevant to Bridewell’s operating context.
  • Ensure all employees follow the required ISO processes consistently, including delivering training, overseeing internal audits and engaging with the business functions to ensure that documentation is up to date.
  • Support the management of privacy processes incl. providing security input and supporting Bridewell’s Data Protection Officer.
  • Chair the Security and Risk Working Group.
  • Support the sales function with information related to our BMS and accreditations when required for bids.

Winners 'Cyber Security Company of the Year 2023' at Business Magazine Awards | NCSC, CREST, IASME, PCI DSS QSA & SOC 2

Technology
Industry
201-500
Employees
2013
Founded Year

Mission & Purpose

Bridewell is a cybersecurity firm that offers a range of services, including cybersecurity consulting, managed security services, and security testing. Their ultimate mission is to protect businesses and organisations from cyber threats by providing innovative and effective cybersecurity solutions. Bridewell's purpose is to help their clients strengthen their security posture, mitigate risks, and achieve compliance with relevant regulations and standards. They work closely with their clients to understand their unique security challenges and develop tailored strategies to safeguard their digital assets and sensitive information

Culture & Values

  • Do the Right Thing

    Always authentic, professional and accountable.

  • One Team

    Always energetic, empathetic and an extension of our clients’ teams.

  • Above & Beyond

    Always delivering an exceptional, adaptable and expert service.

Benefits

  • Paid Sick Leave

    If you are unable to work due to sickness, due to physical or mental illness, Bridewell will pay statutory sick pay (SSP). Life Insurance - Bridewell provides life assurance at 4x salary. (From 1 January 2023).

  • Health Insuarench

    Bridewell provides comprehensive healthcare insurance with access to Digital GP and additional healthcare services.

  • Cycle to Work

    Buy a bike and other cycling equipment worth up to £2,500 through our cycle-to-work scheme.

  • Electric Vehicle Scheme

    Use our salary sacrifice scheme to save money on the purchase of an electric vehicle. (From 1 January 2023).

  • Pension

    By default, Bridewell will enrol you into our pension scheme. (From 1 January 2023, this will be a 5% contribution of your full pay. Employees can opt-out of the pension scheme if they prefer).