Information Security Officer - Permanent Role - Surrey
- Drive the evolution of the company's Information Security policies to maintain best practice and alignment with Corporate and Regulatory requirements including the Global Information Security Group (GISG) Framework, GDPR and SOX.
- Line manage, mentor and develop the IT Security Analyst
- Working in partnership with the DPO, raise the profile of Security within the organisation by being proactively involved with stakeholders and customers
- Working in partnership with the Delivery Teams, to ensure all Projects, Changes, IT Policies and Procedures are compliant with corporate Information Security Policies
- Ensure suppliers are compliant with corporate standards including Vendor GISG, GDPR and SOX.
- Where required, conduct (third party) Pen Testing and facilitate any subsequent remediation activities
- Act as the subject matter expert on matters of security relating to IT
- Undertake Security related Testing including Phishing and Security Incident Response Tests
- Co-ordinate response to security incidents and breaches to ensure any impact is contained and relevant information obtained to facilitate analysis and improvement plans
The ideal candidate would have:
- 3-5 years' experience working as an information security professional within a small to medium sized organisation
- Proven experience developing, implementing, maintaining and leading an effective information security control assurance programme
- Experience of delivering IT Security solutions
- Strong stakeholder management skills, including technology
- Understanding of security tools - IDS/IPS patching, vulnerability management and penetration test and remediation
- Experience developing security architecture
- Good understanding of GDPR and SOX
Morgan McKinley is acting as an Employment Agency in relation to this vacancy.
Please note that any references to salary or pay rates in this advertisement and in the salary refinement section are indicative only and should only be used as a guide.