Information Security Officer - Newcastle Upon Tyne, United Kingdom - Careers In Group

Posted by: Tom O´Connor (beBee Recruiter)


Description

The Opportunity

An exciting opportunity has arisen for an experienced and passionate Information Security professional to join this rapidly growing tech company. Leading and shaping the company's security roadmap, you'll ensure the business remains vigilant to, and ahead of, the ever-changing threats, meeting the increasing demand to protect its data and systems.

Though the role is based in Newcastle, the company operates a flexible hybrid model: as long as you're able to be there when required, you will be in the office 2 days per week on average.

The Role

In this newly created role, the Information Security Officer will provide focus and expertise around assessing the company's security posture and be responsible for presenting to, and advising, the board on the associated risks.

You will be responsible for creating, delivering and managing a security roadmap as well as ensuring compliance with regulatory standards.

You will also work closely with the technical teams, advising on security practices, for instance when bidding for new work.


Specifically you will:

  • Establish and continually improve the company's ISMS (certified to ISO27001 standard)
  • Establish, maintain and perform due diligence of vendor security
  • Design and roll out security policies, guidelines and controls, aligned to ISO2700
  • Measure and manage compliance with applicable laws, regulations and best practices
  • Develop and put in place security awareness and education initiatives
  • Provide actionable guidance to all our people on security best practice and actions
  • Establish and develop vulnerability and incident management capabilities
  • Lead and coordinate responses to security incidents, investigations and potential breaches when needed
  • Identify, manage and mitigate key security risks
  • Measure and report on the company's security posture and status
  • Stay up to date with industry trends, threats and technologies, and propose improvements
  • Support, and where relevant lead, audit activities
  • Work with technical teams and third parties to provide guidance on secure practices
  • Coordinate activities such as pentesting

The Requirements

As an ambitious and passionate Information Security professional, you will have broad experience across all pillars of information security, from threat management and security controls to vendor due diligence and risk management. With the ability to thrive in a fast-paced tech environment, you will see security as an enabler to gain competitive advantage, client confidence and business agility, and be capable of driving initiatives that allow a business to stay ahead of ever-changing threats. With experience of establishing and sustaining a healthy security culture through education and awareness, you will be an excellent communicator who can adapt to your audience.


In addition you will be:

  • Consultative and possess a collaborative approach to working with others
  • Inquisitive, with good analytical and problem-solving skills
  • Able to prioritise based on risk and value
  • Capable of planning, defining and executing tangible change

Any Information Security certifications, such as CISM or CISSP, will be beneficial though not essential.
