Our large end user client is seeking an Information Security officer whose role will primarily be responsible for creating and managing our clients Information Security Risk and Governance programme. You will also act as a subject matter expert on Information Security.
The ideal candidate will have strong communication skills with a collaborative approach that will demonstrate the value of communications and stakeholder engagement.
- Creating policies and procedures in line with the ISO27000 series standards
- Working with operations teams to create policies and procedures aligned to business processes
- Liaising with other areas of the business to capture information security concerns and risks
- Manage penetration test and vulnerability management schedule
- Audit compliance against our client’s policies and procedures
- Providing InfoSec metrics and reporting
- Manage Information Security audits from third parties as well as internal and external auditors
- Working with the Information Security Engineer to advise other areas of our clients on Information Security, including IT operations, architecture and solutions
- Supporting the Head of Information Security and Information Security Engineer
- Manage the InfoSec Risk Register from risk entry to closure
- Build a shared knowledge database for InfoSec
- Joining and maintaining relationships with industry and information security bodies, such as CiSP, NIST, SANS, US-Cert, NCSC, ENISA
- Excellent verbal and written communication skills
- Strong stakeholder management skills
- Ability to effectively prioritise and deliver in a demanding manufacturing environment
- Self motivated with the ability to work on own as well as part of a team
- Proactive, shows initiative and takes ownership
- Strong problem solving skills
- Detailed analytical approach
Candidates must be eligible to work in this country.