Information Security Officer - Bulwell, United Kingdom - Nottingham CityCare Partnership CIC

Nottingham CityCare Partnership CIC
Nottingham CityCare Partnership CIC
Verified Company
Bulwell, United Kingdom

11 hours ago

Tom O´Connor

Posted by:

Tom O´Connor

beBee Recruiter
Description

Job Purpose Working within a busy Information Security team, the post holder will work closely with the Head of Information Security & Data Protection Officer to provide a high-quality Information Security and Data Protection Service to CityCare Directorates.

The post holder will assist the Head of Information Security & Data Protection Officer with the submission of the Data Security and Protection Toolkit, whilst aiding the organisation to demonstrate compliance with Data Protection legislation.

The post holder will assist the Head of Information Security & Data Protection Officer in fulfilling their statutory duties.

Dimensions The post holder will plan, coordinate and deliver a range of projects and training programmes including, but not limited to, Data Security Awareness, Records Management and Information Assets.


The post holder will also provide assistance to Managers and Project Leads in the completion of Data Protection Impact Assessments, Data Sharing Agreements and Data Processing Agreements.

The Information Security Officer will assist with the monitoring of policy reviews and support with increasing staff awareness of Information Security and Data Protection measures.

Key Responsibilities To act as a point of contact for information security and data protection queries and requests for support which includes monitoring the shared mailbox and coordinating responses to internal and external colleagues.

To maintain relationships with members of the public and internal / external stakeholders whilst ensuring that queries are dealt with confidentiality and sensitively, effectively and of high standard, whilst using own judgement to decide on the course of action.


To contribute to the development of organisational policies, procedures, and guidance including monitoring of review dates and publication on the organisations intranet and website.

To provide support to Managers and Project Leads in the completion of relevant information security assessments such as Data Protection Impact Assessments, Data Sharing Agreements and Data Processing agreements, ensuring escalation of risks to the Head of Information Security & Data Protection Officer.

To plan, coordinate and deliver a range of projects and training programmes including, but not limited to, Data Security Awareness, Records Management and Information Assets, ensuring specific targets are met.

To work proactively with the organisations Information Asset Owners to ensure that the Information Asset Register/Data Flow Mapping is maintained, risk assessed and up to date and that all Owners are appropriately briefed, trained and supported in their roles, escalating any concerns to the Head of Information Security & Data Protection Officer, and/or SIRO as required.


To support, where required, with data breach / information security incidents, ensuring that Managers are recording in line with the organisations policies and appropriate actions are taken as quickly as possible and are escalated accordingly.

This may also include reviewing audit trails, checking individual accounts and producing relevant reports.

To provide assistance / support with the organisations submission of the Data Security and Protection Toolkit, working with internal and external colleagues to collate the relevant evidence to ensure the organisation can demonstrate compliance.

To assist with the production of a communications plan to raise employee awareness, which could include posters, leaflets, articles and maintenance of the Information Security pages of the intranet.


To provide an administrative support to the Service, and to assist, where necessary, with the administration of the Digital & Information Security Group including agendas, papers, and reports.

To attend relevant Information Security meetings, seminars and conferences as necessary, providing feedback to relevant colleagues and committees and where necessary, deputising for the Head of Information Security & Data Protection Officer.

To develop and maintain strong working relationships with a range of internal and external colleagues, such as the Caldicott Guardian, Senior Information Risk Owner, Digital Leads, Business Intelligence and Cyber Security colleagues.

To support, where necessary, the Subject Access Request process and providing advice as needed.


Undertake any other duties which may reasonably be required within the Service and as delegated by the Head of Information Security & Data Protection Officer, including deputising as required.

More jobs from Nottingham CityCare Partnership CIC
See all jobs of Nottingham CityCare Partnership CIC