Information Security Manager
Glasgow
Job Description
Smarter Grid Solutions (SGS) is a pioneering technology company that spearheaded the introduction of Active Network Management in the UK, and is now a world-leading provider of DERMS Software to electrical utilities across the UK, Europe and North America. Our customer base includes major utilities such as UK Power Networks, Western Power Distribution, Consolidated Edison, Hydro One and Southern California Edison, and we control over 500 MW of renewable generation, from wind turbines to electric vehicles, across our customer territories.
Role
We are looking for an experienced Information Security Manager to join our exceptional team of professionals. Reporting to the Chief Operating Officer, you will have a track record of leading security and compliance programmes in SMEs, preferably in the technology space.
This role is critical for safeguarding SGS’s sensitive data, ensuring regulatory compliance, and maintaining a resilient security posture in the dynamic energy sector.
Responsibilities
1. Security Strategy and Planning:
Collaborate with stakeholders to define SGS’s security strategy.
Create and execute security roadmaps, considering business objectives and risk appetite.
Stay informed about emerging threats and technologies.
2. Incident Response and Security Operations:
Develop incident response plans and coordinate security incident handling.
Oversee security monitoring, vulnerability assessments, and penetration testing.
Manage security incidents and coordinate with relevant teams.
3. Security Awareness and Training:
Promote security awareness across SGS.
Conduct training sessions for employees on security best practices.
Foster a security-conscious culture.
4. Governance, Risk, and Compliance (GRC):
Develop and implement information security policies, procedures, and standards aligned with industry best practices.
Ensure compliance with relevant regulations, including ISO 27001, ISO 9001 and GDPR.
Engage with key company stakeholders to assess and actively manage risk through effective mitigation strategies.
5. ISO 27001 & ISO 9001 Compliance:
Lead ISO 27001 & ISO 9001 compliance activities.
Maintain our integrated management systems for information security and quality management.
Monitor and audit controls to ensure ongoing compliance.
Qualifications
Proven experience in information security management.
Strong knowledge of information security frameworks and regulations such as ISO 27001, NIST 800 series, NERC-CIP, NIS and GDPR requirements.
Knowledge and experience of quality management systems, especially in an ISO 9001 certified environment.
Desirable Qualifications
Degree in Information Security, Computer Science, or related field.
Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Auditor).
Benefits
Competitive salary, dependent upon experience
33 days holiday
5% matched Employer pension scheme
Up to 5% Gainshare bonus per annum
Private Medical Insurance through Vitality
Life Cover (3x)
Cyclescheme