This is a great opportunity for a motivated IT Manager with a strong focus on InfoSec to take on and own all aspects of information security, data protection and compliance within our group of companies. Reporting to the Group IT Director you will also input into setting IT strategies that are reflected across all group agencies.

The role of Group GDPR Lead falls within the remit of this position, with a responsibility to the Group Exec Board.

What you'll do

  • Oversight of Strategic IT initiatives for MMT Digital (an MSQ Group company)
  • Service desk escalation point within MMT
  • Prepare responses to IT and security questionnaires for tenders and client needs, developing a tender response framework to simplify the completion of these requests.
  • Maintaining documentation and policies for the parent company and baseline policies for group agencies
  • Auditing the group’s compliance with regional legislation and GDPR requirements ensuring judicious GDPR controls are in place
  • Keeping abreast of changes in IT / legislation / GDPR / Cyber Security, and advising on network security best practices
  • Review IT security and controls to ensure compliance with policies

What you'll bring

In order to flourish in this role, you’ll ideally need the following:

  • A proven record of developing information security policies and procedures
  • A comprehensive knowledge of UK legislation and GDPR requirements
  • An understanding of Azure, 365 services and network infrastructure
  • A broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies.
  • Cyber Essentials Plus compliance experience
  • Good communications skills, both written and verbal, and be able to communicate effectively and confidently with business leaders and stakeholders

It would also be great (but not essential) if you have:

  • Firewall / VPN configuration experience
  • Understanding of security testing, encryption techniques / ciphers
  • Mimecast / Sophos policy configuration
  • Experience in ISO27001 compliance and risk assessments