Search Menu

Corporate Information Security Manager

Overview

Baringa Partners is a fast growing independent business and technology consultancy. We help businesses run more effectively, reach new markets and navigate industry shifts. We use our industry insights, pragmatism and original thought to help each client improve their business. We are based in London, but have offices in Germany, New York and UAE, supporting over 500 consultants working around the globe.

We are now looking for an individual to join Baringa as our first dedicated Information Security Manager (ISM), working with both the IT team, the Executive Operations team and the wider business to lead in the management and governance of information security across Baringa.

The ISM is accountable for: Baringa’s overall information security risk exposure, defining Baringa’s information security requirements, the strategy for dealing with the requirement, the definition of controls to manage information security risks, and assistance with the provision of these controls as appropriate. The ISM will also be expected to assure the effective operation of these controls as appropriate (for example, with regular audits).

The ISM will be responsible for demonstrating and communicating Baringa’s InfoSec controls to partners, suppliers, customers, regulators and auditors as needed, including in support of desired accreditation and as part of commercial bid processes. The ISM will also be responsible for the InfoSec policy set, including managing periodic review and executive sign-off, and will be expected to facilitate and participate in executive level discussion around information security risks, as well as other governance forums as appropriate.

As the domain of information security is constantly changing, the Information Security Manager must lead the continual improvement of Baringa’s security requirements and services. As well as taking a strategic view on the capabilities required for a mid-size (and growing) Professional Services organisation such as Baringa, this role also encompasses providing technical security governance, low level design consultation, and documentation of the security aspects of Baringa’s services as well as review of client contracts as needed.

As this is a new role in Baringa, the ISM will be expected to establish a number of the key processes and practices that will support InfoSec in Baringa over time, per the above.

What will you be doing?
Activities will include:
  • The definition, maintenance and governance of Baringa’s information security strategy alongside the Executive management team at Baringa
  • Lead a formal risk based approach for the identification, prioritisation and remediation (or mitigation) of information security risks
  • Work with individual and teams across Baringa to identify and implement solutions and controls for these risks, and ensure the maintenance and effective operation of these controls over time.
  • Define and implement a monitoring, logging and alerting regime to support effective operation of information security controls and to provide timely alerting of security incidents
  • Define, create and maintain the policy set
  • Create and maintain a security awareness and training plan to support this policy set
  • Liaise with external suppliers to ensure appropriate security levels
  • Provide ‘hands on’ expertise where called for, particularly in systems audit but also in technical control implementation or administration where needed.
  • Ownership of Security environment and active management of all security systems
  • Provide commercial bid support as an InfoSec subject matter specialist
  • Direct the management of information security incidents, working with the IT support team
Characteristics & Experience Desired:
  • A self-motivated individual who can work on their own initiative, with a “can do” attitude
  • An excellent communicator who can help develop good InfoSec practice with an ability to interact with the executive management team at Baringa
  • Experience in a professional services firm
  • Experience of strategic change management and implementation of new processes and policies
Technical Skills & Qualifications Desired:
  • CISSP, CISM or similar 
  • ISO 27011:2013 Lead Auditor or Implementer 
  • CCP or similar 
  • Exposure to the HMG IA policy set is desirable but not necessary
  • A high level knowledge of security appliances and services, such as:
    • Cloud security services
    • IDS/IPS and advanced threat detection technologies
    • Firewalls and URL filtering
    • Email filtering
    • Network topologies and segregation
    • VPN technologies
    • Anti-malware and endpoint protection
    • Mobile device protection and encryption 
What’s in it for both of us?

What's in it for you?

Well, it’s up to you. Baringa is what you make it.

  • We invest in you, to ensure you remain the best in the business, through formal training, coaching and mentoring
  • You can talk to anyone in the business. There are no barriers and everyone is accessible, from our Analysts to our Partners
  • We know one size doesn’t fit all and go to great lengths to ensure that people are treated as individuals. We aim to provide the level of support that will meet your personal needs
  • We believe we are a great place to work – but it’s not just us that says that. We have won a spot in the top places to work by the Great Place to Work Institute for the last ten years

What’s in it for Baringa?

We are always glad to have another great person on board to:

  • Grow our operational capabilities to better support Baringa’s future needs and growth, and deliver the user focused support which we are known for
  • Have a new colleague who brings their own views and perspective based on their experience to date
  • See another friendly face in the office, and another person to join our fantastic company events!

Page has changed!

Some of the values on this page have changed. What do you want to do?