Information Security Officer - GRC
Lead Information Security Officer - GRC
We are looking for an experienced Information Security professional to join an expanding InfoSec team to help provide governance & oversight of their information security risk & control environment. You will be joining an expanding team for a reputable, global business.
You must be able to translate risk requirements & constraints of the business into security control requirements, as well as to develop metrics for ongoing performance measurement & reporting.
Key Responsibilities:
* To work within IT and wider business teams to assess information security risk, to identify opportunities to reduce risk
* Assist the ISO in the management, maintenance and scope of the ISO 27001 framework
* Manage the reporting framework to produce quality management information for all levels of audience to ensure that quality & relevant reporting is provided to senior management on a timely basis
* Maintain the reporting framework to produce quality management information for all levels of audience to ensure that quality reporting is provided to senior management
* Maintain the information security policy framework, creating a suite of quality policy, standards & guidelines in collaboration with key stakeholders
* Create, manage and own information security assurance framework,
Key Skills & Experience
* Experience in an information security role that focuses on Governance, Risk & Compliance
* Strong analytical skills to analyse security requirements
* Proven experience & ability to successfully deliver results in accordance with specific deadlines
* Clear ability to engage with technical and non-technical audiences at various levels
* Familiarity with relevant UK & international security & privacy regulation & legislation would be advantageous.
* Proven track record of being able to assess and prioritise business imperatives to ensure the team supports both the IT and the firm's strategic and functional goals
* Experience of implementing, managing or working with risk management methodologies or common information security management frameworks and standards, such as ISO27001, ISO 31000, CIS, ITIL, COBIT, PCI-DSS or NIST within a regulated environment, performing risk assessments and business impact analysis would be beneficial
This is a great opportunity to work for a business that promotes and pushes progression, to get involved with all aspects of information security and really play a key part in their future moving forward.
Paying up to £55k, this role requires minimal attendance in the office, potentially only a couple of times a month, so location within the UK is flexible.