|Listed on:||2nd October|
|Salary/Rate:||£45 - £45|
|Salary Notes:||depending on experience|
|Contact Name:||Candidate Service|
Data Security and Compliance Officer - Maternity Cover Contract
Circa £45,000 per annum depending on experience
About the organisation
Our client is mad about organic veg. It's at the heart of everything they do. They love to grow it, pack it into their iconic veg boxes and deliver it to around 50,000 homes across the UK every week.
The organisation began in 1987, with one field of organic veg, a wheelbarrow and a beaten-up 2CV for deliveries. Our client has grown into a thriving e-commerce business, with four organic farms, two packhouses, a fleet of vans and drivers, a wholesaler, a butchery and an award-winning restaurant. This requires loads of brilliant people; our client employs in areas including IT, logistics, sales, HR, finance, marketing and more besides!
In 2018, the business became employee owned, ensuring their independence and protecting their values forever. Working for our client makes you a ‘co-owner'; every individual is valued, and every voice is heard. Join our client and live life on the veg.
What you'll be doing
As the Data Security and Compliance Officer, you'll lead the specification, development, implementation and evolution of our client's data and security compliance, driving culture change - from within IT, to the whole organisation, including remote sites and their 60+ franchisees.
Reporting directly to the Chief Technical Officer, you will be highly autonomous, and carry the authority to ensure that data security and compliance is appropriately prioritised.
You will own and maintain the organisation-wide policies and data lifecycles and will put in place appropriate approaches and solutions to ensure their enforcement, including physical security mechanisms where necessary. Finally, you will work with the HR department to specify and deliver training and development objectives to make our client a leader in the field.
You will be comfortable suggesting and defending approaches and care about improving processes, approaches and technology. Most of all though, you will want to work with like-minded and highly capable people to deliver fantastic ethical products secured by YOUR systems and policies.
This is a 12 month fixed-term contract covering maternity, working 40 hours a week (usually 8:30am to 5:00pm).
What you should know
Our client is less concerned about specifics and decades of experience than they are about cultural fit and the ambition and capability to learn and develop your skills. If there is something on the list which is out of your comfort zone, that's fine, but our client will expect you to pick it up and run with it should you join them! That said, here are their ideal skills for this role:
- GDPR, DPA 2018, PECR - data protection, security and compliance
- PCI-DSS - transacting £75m+pa and PCI-DSS compliance is paramount (ROC reporting level)
- DLP - ensuring data remains protected against breaches
- Threat & risk analysis - identification, assessment and documentation
- Cybersecurity management - DDoS, malware, virus & phishing prevention
- Testing - network, vulnerability reporting and penetration testing
- Data lifecycles & governance - ensuring data is appropriate and accurate
- IAM - ownership of permissions across 10's of systems
- SIEM - managing security events, there resolution and communication
- GDPR Article 15 & 17 - ensuring requests are handled quickly and diligently
- Policy - IS, privacy, sharing and related policy documentation
- Audit - confirming continued application of and conformation to policy
- Business process analysis - manufacturing, e-commerce, finance
- Culture and change management - bringing people on the journey
- CISSP / OSCP / CCP / Practitioner Certificate in DS / ISO 27701 - a certified professional qualification is desirable
- Implementation - you should be unafraid of getting your hands dirty
- Training - facilitating and delivering upskilling around data security
- Presentation - you will be confident delivering monthly KPIs to the board
- Agile / Lean - our client makes small frequent change quickly delivering value
- Company/organisation DPO experience
- Data breach/incident mgmt - reporting in line with the ICO guidance, risk assessment and inhouse learning & breach mgmt
Skills & experience
You'll have a solid degree in either a data or legal related subject and experience working within data security and compliance with a wide-ranging remit to audit, implement and deliver cultural change within a complex organisation.
You will be experienced working to deliver data security and compliance within complex company structures, working with many departments and teams, along with acting as a stakeholder for security within software development projects. Most importantly, you will have made a difference in previous roles, contributed real value and helped to deliver real policy, technical and cultural change.
Our client wants to hear from you if you've worked as a Data Security & Compliance Manager, Data Governance Officer, Data Compliance Manager, Data Security & Compliance Engineer, or Data Governance Manager.
Our client provides a beautiful place to work, with lots of great people - and other benefits too:
- 33 days' holiday per annum (including Bank Holidays)
- Generous company pension scheme
- Annual profit share; 10% of all profits are split equally between all co-owners
- 25% off everything our client sells
- Heavily discounted organic breakfasts and lunches, home-cooked by our client's chefs
- Free organic fruit and veg!
- Enhanced maternity/paternity
- Lots of free co-owner events, from cooking lessons and BBQs, to two massive parties a year
So, if you think you'd fit in as a Data Security and Compliance Officer, please apply via the button shown. This vacancy is being advertised by Webrecruit. The services advertised by Webrecruit are those of an Employment Agency.