Information Security Manager
The Information Security Manager is a technical focused role, working within the Compliance area of ElectraLink and is responsible for the development, implementation and management of ElectraLink’s technical security posture. They will identify, develop, implement and maintain security processes and technology tools across the organisation to reduce risks, respond to incidents, and limit exposure to liability in all areas of information and data security. In order to achieve the above, the Information Security Manager will remain technically current and appraised of the latest security standards. They will participate in peer led forums / groups from time to time and manage technical security best practice across ElectraLink, as well as externally to the company. This role can be based from either our London or Nottingham offices, expecting to be in the office 1-2 days a week.
ElectraLink is a growing company, operating at the heart of the UK energy market with unrivalled insight into the challenges and opportunities faced by the industry.
Our data hub supports the development of a more efficient energy market that is accommodating the transition to local generation and balancing.
Our position at the heart of the UK energy industry also gives us a unique capability to provide other services crucial to the gas and electricity markets including:
• Unique market insight through analysis of the DTS market data that we process in our central industry role.
• Partnering in the implementation and change management of energy industry Governance arrangements.
• Development of more efficient market processes at a time of rapid energy industry change.
All of this means we can actively contribute to the energy industry as a thought leader, innovator, and service provider.
- Ensure that Electralink’s data assets are appropriately secured, owning and providing day to day management for all data and information Security systems, applications, policies and processes.
- Perform security risk assessments where needed, providing guidance on the implementation of all projects with information security implications across the company.
- Carry out full security audits (internal and external with relevant suppliers) and ensure compliance and best practice is adhered to.
- Design and deploy IT security solutions, liaising with various business stakeholders including IT and Operations to ensure security requirements are captured during change initiatives and development cycles.
- Act as the Security lead on relevant projects, providing subject matter expertise and technical knowledge in the areas of information security to the business.
- Maintain knowledge of emerging technical security trends, risks, new guidance, or standards (internal and external), and security enhancing technologies.
- Work closely with IT and third parties that manage our customer solutions to ensure that critical security controls are in place (e.g., web and email, MDM, IdAM, vulnerability scanning, penetration testing
- Work closely with IT and third parties that manage our customer solutions to ensure that we are managing infrastructure security, including LAN, WAN, and public facing websites and customer portals
- Performance of user access reviews and super user audits, engaging with IT and Business Improvement to ensure timely completion and outputs.
- Have 3 years+ proven experience within a technical security role
- Be educated to degree level or equivalent and qualified in generalist security disciplines (such as CISSP, CISA or CISM)
- Have experience of working in a utilities industry or another regulated market would be preferable
- Have a good understanding of relevant security standards (e.g. ISO 27001, PAS 99 Management System, NIS Directive, GDPR etc).
- Have experience of conducting security based investigations and the management of such inquiries.
- Have experience with anti-virus software, intrusion detection, firewalls, authentication systems, log management, and security content filtering tools – email and web
- Have experience of working within or alongside an MSSP or SOC provider
- Be self-motivated, highly proactive, and have an ability to lead on the end-to-end delivery of projects
- Be a strong communicator with positive influencing and interpersonal skills
- Have effective prioritisation and organisational skills, and the ability to manage multiple competing priorities in a fast-paced environment
- Hybrid/flexible working including a 4-day week!
- Private healthcare for you and your family which includes pre-existing conditions
- Employee Assistance Programme and Mental Health Cover
- Company bonus and annual pay reviews
- Annual training budget and quarterly reviews to support your professional development
- Electric vehicle salary sacrifice scheme
- 50% off Fitness First
- Monthly social events organised by our Social Committee
- Open lines of communication throughout the business- your voice matters!
- Regular Employee Forum meetings to gather suggestions from the business on making ElectraLink an even better place to work!
- Innovative and open to new ideas to support our net-zero status
- Exciting, innovative and fastmoving company which is growing – high challenge, high support environment
Ready to apply?
If this sounds like the role for you, we would love for you to get in touch. Please use the ‘Apply Now’ button below. Please attach your CV and any other documents you feel might strengthen your application.