Business Information Security Officer (Watford, Ipswich or remote UK)

Syncsort ,
Ipswich, Suffolk

Overview

Job Description

Overview Syncsort is a global leader in data management software, with more than 600 million in annual revenue, 2,000 employees, and 12,000 customers including 90% of the Fortune 100. Syncsort offers powerful data integration and optimization software alongside best-in-class location Intelligence, data enrichment, customer information management, and engagement solutions. EngageOne, a business unit within Syncsort, produces a suite of SaaS and on-prem software products that handle personal data. We are looking for a Business Information Security Officer to join our EngageOne Engineering team in our Watford or Ipswich office locations. We may also consider those who are remote in the UK. The Business Information Security Officer will be responsible for overseeing a range of technical and process security controls. The role requires a thorough understanding of the technology underpinning the EngageOne software products, as well as a broad, up-to-date knowledge of information security frameworks, pertinent regulation and legislation, vulnerability management, incident management and response, secure development techniques and approaches, Cyber Security engineering and operations, and management and governance of Cyber risk and Cyber Security. Responsibilities * Define and maintain an Information Security Management System across the EngageOne business unit that addresses the needs of EngageOne staff, partners, customers, and other external stakeholders in line with relevant legislation and industry standards * Define the information security policies and controls * Obtain SOC 2 Type II and ISO 27001 certification for EngageOne software products * Oversee Cloud Governance procedures for all infrastructure running in the AWS cloud * Respond to information security questionnaires during the RFP process * Work with internal product management, product development and professional services teams to ensure that team practices are in line with policies * Write and maintain technical security whitepapers for EngageOne software products Qualifications Experience: * 5-7 years experience in information security * A degree related to information security or equivalent qualifications and experience * Experience managing an Information Security Management System in a complex IT organisation encompassing service delivery, application development and IT infrastructure * Experience with the completion of Information Security questionnaires as part of RFP responses. Knowledge: * An excellent understanding of best practices within Information Security and risk management including standards such as ISO 27001 * An excellent understanding of one or more areas or legislation and regulations that impact information Security E.g. GDPR, HIPAA, PCIDSS, CCPA * A good practical knowledge of security technologies and wider business solutions including Firewalls, IDS/IPS, Identity and access management, SIEM, remote working and AWS cloud technologies Skills: * The ability to work within a regulatory framework and to articulate its potential as a tool for continuous improvement * The ability to cut through organisational and political barriers to achieve the overall goal Nice to have: * One or more of the following qualifications are highly desirable: * Certified Information Security Manager (CISM) * Certified Information Systems Security Professional (CISSP) * Certified Information systems Auditor (CISA) * MSc Information Security * Achieved Senior or Lead level certification in the NCSC's Certified Cyber Professional scheme in one or more of Security and Information Risk Advisor (SIRA), IA Architect, IA Auditor, IT Security Officer * Experience using Tugboat Logic to define and manage InfoSec policies, prepare for audits and respond to questionnaires * Experience performing DAST scans, Red Team assessments

Get a Free CV Review

Let the professionals help you find a job.

Learn More