|Listed on:||15th November|
This job has now expired please search on the home page to find live IT Jobs.
Data Security and Compliance Officer - Maternity Cover Contract
Circa £45,000 per annum depending on experience
About The Organisation
Our client is mad about organic veg. It's at the heart of everything they do. They love to grow it, pack it into their iconic veg boxes and deliver it to around 50,000 homes across the UK every week.
Our client's organisation began in 1987, with one field of organic veg, a wheelbarrow and a beaten-up 2CV for deliveries. They've grown into a thriving e-commerce business, with four organic farms, two packhouses, a fleet of vans and drivers, a wholesaler, a butchery and an award-winning restaurant. This requires loads of brilliant people; they employ in areas including IT, logistics, sales, HR, finance, marketing and more besides!
In 2018, our client became employee owned, ensuring their independence and protecting their values forever. Working for them makes you a ‘co-owner'; every individual is valued, and every voice is heard. Join our client and live life on the veg.
What you'll be doing
As our client's Data Security and Compliance Officer, you'll lead the specification, development, implementation and evolution of data and security compliance, driving culture change - from within IT, to the whole organisation, including remote sites and 60+ franchisees.
Reporting directly to the Chief Technical Officer, you will be highly autonomous, and carry the authority to ensure that data security and compliance is appropriately prioritised.
You will own and maintain the organisation-wide policies and data lifecycles and will put in place appropriate approaches and solutions to ensure their enforcement, including physical security mechanisms where necessary. Finally, you will work with the HR department to specify and deliver training and development objectives to make our client a leader in the field.
You will be comfortable suggesting and defending approaches and care about improving processes, approaches and technology. Most of all though, you will want to work with like-minded and highly capable people to deliver fantastic ethical products secured by YOUR systems and policies.
This is a 12 month fixed-term contract covering maternity, working 40 hours a week (usually 8:30am to 5:00pm).
What you should know
Our client is less concerned about specifics and decades of experience than they are about cultural fit and the ambition and capability to learn and develop your skills. If there is something on their list which is out of your comfort zone, that's fine, but they'll expect you to pick it up and run with it should you join them! That said, here are our client's ideal skills for this role:
- GDPR, DPA 2018, PECR - data protection, security and compliance
- PCI-DSS - transacting £75m+pa and PCI-DSS compliance is paramount (ROC reporting level)
- DLP - ensuring data remains protected against breach
- Threat & risk analysis - identification, assessment and documentation
- Cybersecurity management - DDoS, malware, virus & phishing prevention
- Testing - network, vulnerability reporting and penetration testing
- Data lifecycles & governance - ensuring data is appropriate and accurate
- IAM - ownership of permissions across 10's of systems
- SIEM - managing security events, resolution and communication
- GDPR Article 15 & 17 - ensuring requests are handled quickly and diligently
- Policy - IS, privacy, sharing and related policy documentation
- Audit - confirming continued application of and conformation to policy
- Business process analysis - manufacturing, e-commerce, finance
- Culture and change management - bringing people on the journey
- CISSP / OSCP / CCP / Practitioner Certificate in DS / ISO 27701 - a certified professional qualification is desirable
- Implementation - you should be unafraid of getting your hands dirty
- Training - facilitating and delivering upskilling around data security
- Presentation - you will be confident delivering monthly KPIs to the board
- Agile / Lean - they make small frequent change quickly delivering value
- Company/organisation DPO experience
- Data breach/incident mgmt - reporting in line with the ICO guidance, risk assessment and inhouse learning & breach mgmt
Skills & experience
You'll have a solid degree in either a data or legal related subject and experience working within data security and compliance with a wide-ranging remit to audit, implement and deliver cultural change within a complex organisation.
You will be experienced working to deliver data security and compliance within complex company structures, working with many departments and teams, along with acting as a stakeholder for security within software development projects. Most importantly, you will have made a difference in previous roles, contributed real value and helped to deliver real policy, technical and cultural change.
Our client wants to hear from you if you've worked as a Data Security & Compliance Manager, Data Governance Officer, Data Compliance Manager, Data Security & Compliance Engineer, or Data Governance Manager.
Our client's location is a beautiful place to work, with lots of great people - and other benefits too:
- 33 days' holiday per annum (including Bank Holidays)
- Generous company pension scheme
- Annual profit share; 10% of all profits are split equally between all co-owners
- 25% off everything they sell
- Heavily discounted organic breakfasts and lunches, home-cooked by our client's chefs
- Free organic fruit and veg!
- Enhanced maternity/paternity
- Lots of free co-owner events, from cooking lessons and BBQs, to two massive parties a year
So, if you think you'd fit in with our client's team as their Data Security and Compliance Officer, please apply via the button shown. This vacancy is being advertised by Webrecruit. The services advertised by Webrecruit are those of an Employment Agency.