Summary of role
The aim of this role is to ensure the protection of data and assets by designing, implementing, and enforcing security controls, safeguards, policies, and procedures whilst ensuring compliance with policies, laws and regulations.
Ensuring that best practice is implemented for information security throughout the group businesses is a key part of this role. Performing day-to-day operations in relation to managing information security systems; this will include the identification, investigation, and resolution of security events will also be part of this role.
This role also requires management and alignment of the information security management system to the ISO27001 and other relevant standards.
- Management and the administration of the ISO27001 information security management system and ensure the business maintains its information security certifications.
- Assist in managing and maintaining security systems and software, including firewalls, intrusion detection systems. Risks and security incidents are addressed and resolved immediately with high efficiency.
- Responsible for maintaining vulnerability scanners, assessment and detection of possible intrusions and remediation of any vulnerabilities identified
- Maintain up to date knowledge of the service technologies and protocols and maintains all the relevant documentation that can be readily presented to the management and the peers.
- Manage security problem tickets. Log and monitor security events.
- Demonstrate vigilance by responding to incidents, tuning procedures, and participating in security assessments and remediation programs.
- Help build a culture of organisational security by working closely with employees.
- Participate in the creation and implementation of policies, standards, and procedures where appropriate.
- Review system logs and interpret the security implications of that activity and devise action plans for appropriate resolution.
- Review and evaluate patch reconnaissance to schedule and apply fixes and security patches.
- Creating, developing, implementing and maintaining security controls to ensure compliance with relevant regulations and laws including: GDPR, EU Privacy Directive and Network and Information Security Directives
Qualifications and Experience
- You have at least 2-4 years’ experience in a relevant field
- Professional qualification in information security and data protection such as the BCS / ISEB, CISSP, CISM qualification or degree
- Previous experience in an Information Security Management or equivalent role
- Management and audit experience in relation to ISO27001 is beneficial
- You possess excellent communication skills
- You have no trouble working alone or as part of a team
- You possess initiative and excellent problem solving skills
- You can manage your time effectively and have the ability to multi-task
- Attention to detail is critical to ensure accurate assessment and management of third-party risks
Salary dependent upon qualifications and experience.
Closing date for applications is Friday 2nd March 2018
Apply for this position
All fields required