Information Security Manager - Corporation

Role Overview

We're looking for a pragmatic, risk focussed Information Security Manager to work within Nest and maintain our ISO 27001 certified corporation Information Security Management System (ISMS). We sit in the second line of defence and advise the business on security risks, incidents, audits, assurance and the implementation and monitoring of security controls that protects Nest. You'll have a solid background in information security management systems, technology and love communicating technical concepts to non-technical people.

Please note the minimum criteria for this role is:

• Practical experience of operating certified ISMS using ISO 27001/2, NIST CSF and other security standards in the design and management of information security controls.
• Practical experience working with third party suppliers to audit and evidence compliance with security policies, standards etc.
• Understanding and experience of various Information Security domains including Security Architecture, Information Security Governance, Network Security, Data Protection, Risk Management, Identity & Access Management, Vulnerability Management, Anti-Malware, Mobile Device Management and Cloud Security

We are open to discussing working patterns.

We welcome all internal applicants to apply for our roles, regardless of your current working pattern or hours. We will aim to accommodate your request and match your current working arrangements.

Don't worry if you think you don't have all the key skills, it might be worth taking the few minutes to apply as we're good at spotting potential and offer a generous training budget.

Please download a full job description to find a full scope, deliverables, experience and personal attributesrequired for this role.

Reward and recognition

• A discretionary bonus scheme
• Reward and recognition scheme
• Enhanced auto enrolled pension - your contributions start at the default 5% while ours are higher at 8%. If you up your contributions to 6% we raise ours to 9%. If you contribute 7% or more we'll contribute 10%.
• Income protection scheme - is an insurance benefit that provides you with income if you cannot work due to illness or incapacity.

Click here to see the benefits we offer at Nest.

Flexible and agile working

Everyone's personal situation is different.

To make the most out of hybrid working, we've introduced different ways of working, which include (subject to role requirements):

• hybrid of office (Canary Wharf, London) and home working (there will be an expectation to attend the office, once - twice a week, or more, as required)
• reduce or vary working hours
• reduce or vary the days worked
• work compressed hours
• job share

For more information about our recruitment process click here

Directorate/Department Overview

The Risk and Compliance vision is to become a trusted partner for the business. To enable this, the directorate teams' shared objective is to enable the first line to deliver business objectives in line with agreed risk appetites.

The Information Security team functions as part of the second line of defence in the Risk and Compliance directorate.

It is accountable for the development, implementation and on-going maintenance of the ISMS (Information Security Management System) processes across Nest Corporation and the Scheme Arrangement outsourced providers in alignment with ISO27001.

The Information Security Manager - Corporation reports into the Head of Information Security and is responsible for ensuring that Nest's Information Security Management System is operated for the Corporation, enabling the first line business teams to deliver business objectives in line with the agreed risk appetite. This role will work across all internal Nest departments, programmes, projects and initiatives, providing oversight, support and challenge.

Organisational Overview

Nest is an award-winning workplace pension scheme, the largest in the country.

Set up by the government to give every worker in the UK somewhere to save, our first-class responsible investment practice and governance are the backbone of what we do, supported by all the functions you'd expect to find in a thriving business. We're committed to creating a workplace where you can be your authentic self and offer an inclusive and flexible working environment.

Diversity, Equity and Inclusion

Everyone is welcome to apply for our roles, and we are determined to ensure that no applicant or employee receives less favourable treatment because of their age, disability, gender identity, marital status, national origin, pregnancy or caring responsibilities, race, religion/belief, sex, sexual orientation or socio economic background.

We also recognise the importance of diversity of thought and other forms of neurocognitive variation.

Nest is a Disability Confident Leader, which is the highest level of the Disability Confident Scheme. If you have a disability, please declare that you're applying through the scheme.

We aim to offer an interview to those applicants who apply through the Disability Confident Scheme and best meet the minimum criteria. However, there may be some circumstances where this is not possible due to the volume of applications.

Please note that this advert may close early if we receive a sufficient number of satisfactory applications.

If you have any difficulty in sending your application or need the application pack in an alternative format, or you require any reasonable adjustments please contact: [email protected].