Information Security Officer

Meridian Business Support ,
Newport, Gwent
Job Type: Full-time
Salary: £38,000 per annum

Overview

Information Security Officer Newport £40,000 per annum excellent benefits Meridian Business Support are currently looking to hire an Information Security Officer for one of the area's leading employers. We are looking for a forward thinking and proactive person who will work well in a highly regulated environment as part of a growing IT team. You will be required to play a key role in developing methodology, completing assurance exercises, monitoring and recording compliance to the policies, as well as any recording and authorising any exceptions and waivers. You should be able to build and maintain strong relationships with stakeholders, mentoring and guiding colleagues to raise awareness of Information Security and Cyber Security. Duties to include: Developing, implementing and maintaining information security policies, assuring that these are compliant with all applicable legal and regulatory legislation. Providing second line oversight and challenge information on cyber security matters. Responsible for ensuring technical controls are effective in line with documented governance and good practice guidelines. Assisting with the overall governance and compliance of information security policy, and procedures via engagement across all functions Being responsible for the delivery of technical assurance ensuring results are analysed and communicated appropriately. Managing and driving the information security incident process, including investigating or working with relevant teams to deal with the incidents, identify the root cause and amend policies when required. Conducting post-incident investigations and provide advice to address issues and/or amend procedures to enhance information security protection. Track remedial actions through to completion. Completing ongoing due diligence for existing suppliers, ensuring they are able to satisfy standards set out. Responsibility for ensuring that technical rectifications and vulnerabilities are made visible to management and effective mechanisms are in place to monitor compliance. Creating and managing the information security risk register. Co-ordinating the execution of IT Business Continuity testing, plan maintenance and playbook updates. Manage the technical relationships within IT (delivery, infrastructure) and business change. Act as a mentor to the business by providing training, coaching and guidance on matters relating to information and cyber security. This role would suit an excellent communicator who strives for continuous improvement. Required/desired skills for the role include: Degree level (or equivalent) education in either technical / business subject. CISSP - Certified Information Systems Security Professional or Systems security Certified Practitioner qualification. Substantial knowledge of asset security, communication and networks security, access management, security testing and operations and secure software development. Detailed understanding of Information Security Standards e.g. ISO27001/Cyber Essentials/CIS20/FFIEC/NIST. In depth and up to date knowledge of emerging markets, threats, industry, regulatory and legislative changes. Working knowledge of Microsoft operating environments. We are open to applications from candidates with or without all of the above mentioned accreditations. Whilst they are advantageous, relevant experience and a desire to learn and self develop are equally important. Interested? Please upload your CV as a Microsoft Word document to be considered for interview. Meridian Business Support ltd is an equal opportunities employer Meridian Business Support is acting on behalf of our Client as a Recruitment Agency.