Information Security Officer
£60k + benefits
Information Security Officer sought by nationwide environmental charity, with 1000 staff, to help establish the organisation's Information Security Capability. Working closely with the Head of IT you will support the creation, development and implementation of the Information and Cyber Security strategy and operations. The organisation aims to inspire a passion for the environment and nature, managing a number of fixed venues as well as delivering special events and shows across the year.
The Information Security Officer will play a crucial role in assessing security risks and establishing Security Operations and Incident Response processes. You'll work proactively to reduce incidents and champion adherence to agreed processes, policies and procedures.
Key responsibilities will include:
- Designing, managing, maintaining and continually improving the firm's IT security systems
- Developing and championing all Info Sec Policies, Procedures and relevant standards, and producing supporting documentation
- Performing regular Information and Cyber Security Testing and reviews, and reporting on findings
- Monitoring the vulnerability and threat landscape and continually assessing risks
- Proactively identifying information security deficiencies or opportunities for improvement and facilitating development of pragmatic solutions
- Working with the DPO to ensure appropriate security is applied to data and provide reports / subject access requests
- Providing an escalation path for information security issues, incidents and enquiries
- Managing relationships with 3rd party Information Security Service Providers
- Managing the security training, induction and awareness program for staff and volunteers across the organisation
- Providing advisory and consulting support to help the organisation improve its security posture and adhere to security policies, expected controls & regulatory requirements
The ideal candidate will have proven experience implementing and managing Information and Cyber Security solutions, either directly for an entity, or on behalf of a service provider. You should have:
- Knowledge of vulnerability management
- Knowledge of Identity and Access management
- Strong technical experience across Firewalls, SIEM tools, vulnerability scanners, network devices and IAM systems
- A recognised IS qualification (e.g. CISA, CISM, CISSP, ISO 27001)
This would be an excellent opportunity for someone who has previously played a contributing role in the establishment of an InfoSec and Cyber function, looking to now lead the creation of a new function themselves.