We are seeking a Data Protection and Information Security Oversight Manager to join our Governance team. This role can be based in our Cheltenham, Glasgow, Leeds or Liverpool office working on a hybrid basis.
The Information Security Manager will work closely with colleagues in IT and work with the wider business to maintain and enhance our Information Security posture and to retain our ISO27001 and Cyber Essentials certifications.
Responsibilities:

• Assist in developing and executing a comprehensive data protection strategy aligned with business objectives and regulatory requirements
  
• Create and maintain data protection policies, standards, training, and guidance notes to ensure compliance with applicable laws and best practices
  
• Provide expert advice and guidance on privacy-related matters, including data sharing, international data transfers, consent management, data subject rights, data incidents, vendor risk management, and privacy complaints
  
• Facilitate the development and on-going maintenance of the ISO27001 ISMS. Work with IT to design and define Data Protection policies. Planning, organising, supervising and where necessary, carrying out (ISO27001) external and internal audits
  
• Assisting with the development and maintenance of the Business Continuity Plan, Cyber Incident Response Plan and Disaster Recovery Plan and any associated testing and maintenance
  
• Ensuring adequate internal action and timely response for data security related incidents
  
• Providing consultancy and guidance to Business Areas regarding Information Security, Data Protection and Legal and Regulatory requirements, including audit support
  
• Assisting Business Areas in understanding and responding to security audit failures reported by auditors
  Experience/Qualifications:
  
• Proven experience in Information Security and Data Protection
  
• Understanding of ISO27001 and Cyber Essentials / Cyber Essentials Plus certification requirements
  
• Proven experience in writing and implementing policies and procedures
  
• Experienced Data Protection Officer / Manager
  
• Experience of running an ISO27001 internal audit programme
  
• Experience of managing an information security awareness programme
  Benefits Summary
  
• Competitive discretionary annual bonus
  
• Core benefits paid for by BW including life assurance, group income protection, private medical cover and 25 days holiday per year with holiday trading
  
• A generous pension scheme where we contribute 8% of your salary from day one of your employment
  
• Employee Assistance Programme to support you and your family through any concerns or challenges you may experience
  
• A comprehensive range of voluntary benefits to suit your life stage and lifestyle including a tech scheme, cycle to work scheme, dental cover, healthcare cash plan, health assessments, critical illness cover, extension of private medical cover or life assurance to family members, gym membership, travel insurance and a broad range of discounts at hundreds of retailers including supermarkets, fitness centres, travel and leisure companies
  Happy to talk flexible working
  Accessibility
  We are a Disability Confident Employer. If you require reasonable adjustments or want more information on accessibility, please click here
  Not quite the right opportunity for you this time?
  For more about us and other Careers at BW, please click here
  Follow Barnett Waddingham on LinkedIn
  We kindly ask recruitment agencies to not send speculative CVs. Should we need assistance, we will reach out. All enquiries should be directed to (url removed)