Overview
Do you want to help enrich the lives of learners worldwide?
At RM, we’ve been pioneers of education technology since 1973. We provide technology and resources to the education sector supporting over 10 million students around the world. We work with 28,000 schools, nurseries, and education trusts in 115 countries to deliver customer-centric solutions that improve education outcomes worldwide.
What we do helps learners at all stages of their lives, from preschool to higher education and professional qualification. We partner with schools, examination boards, central governments, and other professional institutions to enrich the lives of learners.
Job Context & Purpose
RM plc is a £211m group of businesses, with c. 1,990 employees globally. Established in 1973, RM provides market-leading products and services to educational institutions, exam bodies, and international governments which improve, simplify, and support education and learning.
RM Group operates through three businesses: Technology (Managed Services, Software, and Infrastructure for Schools), Assessment (Software and Services), and Education Resources.
RM’s Technology business (www.RM.com/education) is a market-leading supplier of ICT software, technology, and services to UK schools and colleges to deliver a technology environment that improves learning outcomes and makes the most of IT investment.
During 2022, a new strategic ambition was laid out for the business under a new Managing Director.
The Role
Due to strategic changes in the business, combined with the need to achieve certification against ISO 27001:2022, the business requires a dynamic and experienced professional to lead us through all aspects of the process.
As our ISO 27001 Lead, you will take a “hands-on” approach, reviewing all aspects of our existing scope and ISMS and conducting a gap analysis of current versus future state. You will work with key stakeholders and Senior Leaders to define and implement systems that meet the needs of the business for 2025 and beyond.
You will establish and lead an appropriate programme of internal readiness audits to identify and remedy any gaps, and take the lead role during engagement with our certification partner to ensure that RM meets or exceeds the requirements of the standard, with the end goal of achieving certification by July 2025. You will establish and embed the necessary systems and processes to maintain these into the future, ensuring that the strategic value of ISO 27001 is recognized and valued by the business.
You will work within the Deliver Operations & Standards Office (DOSO) reporting to the Service Delivery & Standards Manager.
Responsibilities
Main Responsibilities include but are not limited to:
* Analyse and evaluate the existing ISMS and SOA for the business against emerging business goals and strategy.
* Formulate and execute a detailed plan to achieve ISO 27001:2022 certification, incorporating the latest standards and practices.
* Project manage all aspects of the activity, establishing and agreeing project timelines and key milestones with key stakeholders and Senior Leaders.
* Provide Senior Leaders with regular progress updates on our certification journey.
* Establish and lead an appropriate programme of internal readiness audits to identify and remedy any gaps in compliance with the requirements of the standard.
* Take the lead role during engagement with our certification partner to ensure that RM meets or exceeds the requirements of the standard.
* Facilitate the external certification process, preparing all necessary documentation and evidence for auditors.
* Create, manage, and maintain a living ISMS that meets or exceeds the requirements of ISO 27001 and is tailored to RM’s operational context.
* Ensure the continuous development, review, and maintenance of information security policies, processes, procedures, standards, baselines, and guidelines to support certification attainment and ongoing compliance.
* Drive continual service improvement of the ISMS.
* Be the face and subject matter expert for ISO 27001 within the business, ensuring that the business is engaged and aware of the criticality of certification and the wider value and benefits to the business.
* Where appropriate, mentor and guide staff on matters of information security.
The role and its responsibilities can be expected to evolve over time.
Experience
Skills and Experience
You will have proven experience of:
* Successfully leading an organization through the ISO 27001:2022 certification journey.
* Implementing, managing, and maintaining an ISMS.
* Planning, conducting, and reporting internal audits in accordance with ISO 19011.
* Working with/supporting adjacent Management Systems including ISO 9001 and ISO 22301.
You will be:
* A strong collaborative team player, able to work well with others to ensure all functions work in concert to deliver business strategy and outcomes.
* A practical problem solver with the ability to manage and resolve complex issues arising from people, process, and technology.
* A confident communicator and influencer, motivated by managing a wide range of business relationships including internal stakeholders at all organizational levels and external audit/certification bodies.
You will have:
* Attended and completed relevant industry training and certification including but not limited to:
  * BSI Lead Implementer Training (ISO/IEC 27001:2022) or equivalent.
  * BSI Internal Auditor (ISO 27001:2022) or equivalent.
What’s in it for you?
At RM we have "My Work Blend @RM" which provides office-based colleagues with multi-location and hybrid working options to suit them. As well as your office base, you can spend a proportion of your time working at other locations in the UK that suit your role and your life, including home, other offices, customer sites, distribution centres, or on the move. We encourage you to discuss arrangements for this role with your potential line manager during the recruitment process.
As well as a competitive salary and our core benefits package which includes private medical healthcare, life assurance, and a Group Personal Pension Plan with higher contribution levels available, some roles are also eligible for a performance-related bonus. There are lots of voluntary benefits too. You could buy additional annual leave, join our dental plan, sign up for a health assessment, or take part in our cycle to work scheme. You could even earn yourself an extra bonus for successfully recommending a friend or family member for a position within RM.
To better reflect the society that we serve, we’re committed to building a diverse workforce and creating an inclusive and welcoming environment for all. To achieve this, we create teams of talented people from different backgrounds and experiences and strive to be a business where our people can bring their whole selves to work. We also want to make the recruitment process as inclusive as possible for everyone. Should you require additional support with your application or through the interview process, please contact us at recruitment@rm.com.
Unfortunately, we are unable to offer sponsorship for this role.