Information Security Manager - VR/30834

Westhill based, global energy service company are seeking an Information Security Manager on a permanent basis to lead its Cyber Security Centre of Excellence. This role bridges strategic initiatives and technical execution, ensuring security policies align with business priorities. Key responsibilities include risk assessment, compliance, vendor management, and team leadership. A strong technical background and strategic mindset are essential.

Overview job description

Key responsibilities include leading Project Teams, managing vendor relationships, and ensuring service levels are met. The ISM will manage technical staff, documentation, and presentation skills, and coordinate security-related activities across IT operations.

Main duties and responsibilities:

• Developing a security program and projects with the IT Cyber Security and Compliance Director.
• Assessing and reporting on current and future threats.
• Creating budget projections for short- and long-term goals.
• Monitoring and enforcing compliance with security policies.
• Proposing changes to policies for efficiency and compliance.
• Managing and developing a team of security professionals.
• Assisting with security audit responses.
• Providing security communication, awareness, and training.
• Managing production issues and participate in change management.
• Participating in the information security governance process.
• Defining metrics and reporting strategies with stakeholders.
• Supporting legal and regulatory compliance efforts.
• Ensuring security in hardware, applications, and software.
• Implementing technical controls to enforce security policies.
• Aligning business, technical, and security requirements.
• Developing a strong relationship with the IT Security Team.
• Reporting on technical aspects of security management.
• Managing outsourced vendors for security functions.
• Coordinating incident management and reporting.
• Maintaining a knowledgebase of security trends and regulations.
• Managing threat and vulnerability activities.
• Providing guidance on security matters for IT projects.
• Assisting in disaster recovery planning and testing.
• Reviewing audit trails and system logs for compliance.

Key Relationships/Stakeholders:

• External: Industry Peers, Audit Partners, IT Service Partners, Business Partners, Professional Bodies.
• Internal: Heads of Business Functions, Senior Management, IT colleagues.