We are looking for an experienced Information Security professional to join a expanding InfoSec team to help provide governance & oversight of their information security risk & control environment. You will be joining an expanding team for a reputable, global business.
You must be able to translate risk recruitment's & constraints of the business into security control requirements, as well as to develop metrics for ongoing performance measurement & reporting.
Key Responsibilities:
- To work within IT and wider business teams to assess information security risk, to identify opportunities to reduce risk
- Assist the ISO in the management, maintenance and scope of the ISO 27001 framework
- Manage the reporting framework to produce quality management information for all levels of audience to ensure that quality & relevant reporting is provided to senior management on a timely basis
- Maintain the reporting framework to produce quality management information for all levels of audience to ensure that quality reporting is provided to senior management
- Maintain the information security policy framework, creating a suite of quality policy, standards & guidelines in collaboration with key stakeholders
- Create, manage and own information security assurance framework,
Key Skills & Experience
- Experience in an information security role that focus's around Governance, Risk & Compliance
- Strong analytical skills to analyse security requirements
- Proven expedience & ability to successfully delivery results in accordance to specific deadlines
- Clear ability to engage with technical and non technical audiences at various levels
- Familiarity with relevant UK & international security & privacy regulation & legislation would be advantageous.
- Proven track record of being able to assess and prioritise business imperatives to ensure the team supports both the IT and the firms strategic and functional goals
- Experience of implementing, managing or working with risk management methodologies or common information security management frameworks and standards, such as ISO27001, ISO 31000, CIS, ITIL, COBIT, PCI-DSS or NIST within a regulated environment, performing risk assessments and business impact analysis would be beneficial
This is a great opportunity to work for a business that promotes and pushes progression, to get involved with all aspects of information security and really play a key part in their future moving forward.
Paying p to £55k, this role requires minimal attendance in the office, potentially only a couple of times a month so location within the UK is flexible
Please click apply or email alice.crossley@ojassociates.com for more details