Skip to main content

This job has expired

You will need to login before you can apply for a job.

IT Security Officer

Employer
Hays.
Location
United Kingdom, Swansea
Salary
Competitive
Closing date
19 Jan 2022

View more


Permanent
Swansea
Hybrid Working available
£35,000 - £40,000 DOE

I currently have an exciting opportunity to work to work and provide the information security service for my clients CRM UK's Central Government contract by supporting the aims and objectives of the Information Security and Resilience function. This covers the governance, risk and compliance services delivered through the application of policies, processes and procedures certified to the ISO27001 Standard and relevant industry and HMG security standards.

Location: The role will be based in the Swansea area, with the possibility of very occasional travel to customer or supplier sites.

Knowledge / Experience:

Essential:
  • Experience of working in an information security or compliance team or within an ISO27001 certified Information Security Management facility.
  • Professional qualification or a willingness to undertake training and formal qualifications e.g. ISO 27001 Implementer, MoR, NCSC Certified Cyber Professional (CCP) scheme.
  • Practical application of risk management methodologies.
  • Experience of carrying out security compliance checks.
  • Ability to conduct the role with a large degree of independence and integrity.


Primary Accountabilities and Deliverables:

Functional management:
  • Take primary responsibility for:
  • Representing the Information Security and Resilience team by identifying and advising on technical, physical, personnel and procedural risks.
  • Monitoring compliance to ensure that Information Security Management System (ISMS) objectives, legal, statutory, regulatory and contractual obligations are being met.
  • Maintaining organisational security policies, standards and processes using recognised Standards e.g. ISO27001.
  • Regularly reviewing the compliance of information processing and procedures with the security policies and standards.
  • Maintaining the Security Management Plan which sets out the information security obligations for internal and external stakeholders.
  • Developing and producing MI reports for upward reporting to the Head of Security in support of the ISMS.
  • Co-ordinating external audits and ensuring evidence is recorded.
  • Taking a keen interest in expanding knowledge and remaining alert to emerging issues and trends which may impact information security.
  • Attending internal meetings and occasional meetings with the client i.e. DfT.


Support the Head of Information Security in:

  • Following Arvato CRM UK's Security Incident Management Process and investigating, documenting and reporting security incidents.
  • Conducting third party compliance checks.
  • Promoting a strong security culture of following procedures to ensure information security is achieved.
  • Liaising with Arvato CRM UK's Security Operations Centre (SOC) Lead to investigate Events of Interest in support of the Protective Monitoring function.
  • Preparing and delivering ISMS Management Reviews.
  • Deputising for the Head of Information Security when required


Desirable:

Experience of working with HMG Central Government departments or Business Process Outsourcing (BPO). Knowledge of Information Security legal and regulatory requirements e.g. UK Data Protection legislation and HMG/National Cyber Security Centre standards.

Key Measures:
  • Compliance checks are carried out in line with the ISO 27001 internal audit programme.
  • The Framework Agreement contractual obligations are met.
  • The Security Policy tracker is maintained.
  • Security Incident log is maintained.
  • The Corrective Action log is maintained.
  • Targets for completion of security awareness training are met.
  • Information Security and Resilience team procedures are maintained.
  • The Information Security and Resilience team Risks and Issues register is maintained.
  • Audit recommendations are documented and shared with the relevant key stakeholders.


Essential:

  • Ability to communicate in a straightforward, honest and engaging manner, using appropriate styles to maximise understanding and impact.
  • Planning and organising own workload, re-prioritising own tasks line with the Security Management Plan.
  • Showing positivity and enthusiasm towards work, encouraging others to do the same.
  • Establishing professional relationships with a range of stakeholders, collaborating and sharing information, as directed.
  • Ability to deliver service objectives with professional excellence, expertise and efficiency, taking account of diverse customer needs.
  • Excellent written and verbal communication skills.
  • Excellent team working skills.
  • Ability to deliver at pace and act promptly to reassess workloads and priorities when there are conflicting demands to maintain performance.
  • Ability to adapt quickly to new circumstances and seek out new responsibilities and challenges


If this role is for you and you would like to have a confidential chat please don't hesitate to contact me via the below methods:

☎️: 0333 010 5115 / 07526283413
✉️: Louis.White1@hays.com

At Hays Technology and across the Cyber Practice we are shaping the future of recruitment. Cyber security skills have never been needed more, and data security and impenetrable protection for operating models in the cloud are a top priority. By working with organisations of all sizes - from disruptive start-ups to multinational enterprises - we have a unique insight in to how organisations are using non-permanent resource to achieve their technology strategy. So, whether you are hiring for one contractor, a team, or looking to outsource the delivery of an entire project, talk to us today.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert