Company: In Technology Group
Location: Birmingham
Closing Date: 21/11/2024
Salary: £45000 - £55000/annum Free Parking, Company Shares, Paid C
Hours: Full Time
Type: Permanent
Job Requirements / Description
Job Title: Information Security Officer
Salary: £45,000 to £55,000
Location: Birmingham
Overview:
Our client, a provider of IT Managed Services and IT infrastructure solutions, is looking for an experienced Information Security Officer to join their team. With clients across the UK, Europe, and APAC, including private corporations and government organizations, the company operates a security-first culture, which is crucial to its success. Their IT solutions focus on Dell products, Cisco networking, Citrix, Microsoft, and their in-house cloud platform.
In this role, you will maintain, improve, and operate the Information Security Management System (ISMS) while helping to strengthen the company's security-first approach. You'll work closely with the Director of Security to implement security policies, provide user training, raise security awareness, and manage auditing processes.
Key Responsibilities:
Maintain the ISMS & ISO27001 Certification: Ensure the organisation meets industry standards and regulations, including ISO27001 and Cyber Essentials Plus.
Conduct Security Audits: Oversee internal audits, ensuring compliance across all departments and with partners.
Risk Management: Identify, assess, and manage security risks, developing strategies for risk mitigation and managing risk throughout its lifecycle.
Security Policy Implementation: Create, update, and manage security policies, ensuring they align with the latest industry standards and regulatory requirements.
Compliance Management: Keep up to date with evolving laws and regulations (GDPR, ISO27001, Cyber Essentials) and ensure organisational compliance.
Security Awareness & Training: Develop training initiatives and promote company-wide security awareness, helping employees stay informed about security risks and best practices.
Support Security Operations: Assist teams in improving customer security capabilities and managing compliance audits.
Continuous Improvement: Proactively drive improvements in the company's security framework and reduce security incidents through a forward-looking risk management process.
What Success Looks Like:
Maintaining ISO27001 and Cyber Essentials Plus certifications
Expanding the ISO27001 scope to cover data centres, cloud services, and other growing areas of the business
Proactively identifying and mitigating security risks
Enhancing security awareness across the company
Continuous improvement in security processes and a reduction in security incidents
Skills & Experience:
Essential:
Experience managing and maintaining an ISO27001 information management system
A minimum of 3 years in an information security role
Strong understanding of information security risks and experience presenting to senior management
Expertise in the Cyber Security industry and strong communication skills to simplify complex risk issues
Passionate about information security
Desirable:
ISO27001 Lead Auditor or Implementer qualification
Certifications: CISSP, CISM, CRISC, ISSMP, NIST, or similar
Experience managing Cyber Essentials and Cyber Essentials Plus certifications
Demonstrable commitment to personal and professional development
Colleague Benefits:
25 days paid leave + Bank Holidays
Contributory Pension Scheme (up to 7% with length of service)
Tailored personal development plans
Fully or partially funded training
Free parking (if office-based)
Laptop and company mobile phone
If you're a skilled security professional with a passion for driving forward a security-first culture, we'd love to hear from you. Apply now by submitting your CV and any other relevant information.
In Technology Group Ltd is acting as an Employment Agency in relation to this vacancy