Job Overview:
Working with the IT Infrastructure team to provide advice and guidance on IT security and further develop IT policies and processes across a multi-region infrastructure consisting of 6,100+ staff and 90+ sites.
As a member of the Information Security team, you will review aspects of Information and Cyber Security and its components. You will be required to proactively improve and provide advice and guidance on information security matters.
This position also entails support and development of the company’s IT policies and security solutions.
Overall Requirements:
* Education Requirements: None but degree preferred or commercial exposure.
* Experience Requirements: Professional Level of ability.
* Industry: Technology.
* Job Location: Horsforth, LS18 4RF.
* Qualifications: CISSP or CISMP.
* Work Hours: 35 hours.
* Salary: £50,000 plus benefits.
* Free parking.
Principal Duties, Responsibilities & Accountabilities:
Responsibilities will include:
* Maintaining and improving the Cyber Essentials Plus Security Standard.
* Assist and report on the technical aspects of security management.
* Fully participate in internal governance activities relating to Information Security.
* Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
* Co-ordinate the population of information asset inventories.
* Identifying security non-conformities.
* Design, enhance and manage security-related procedures.
* Recommend and co-ordinate the implementation of security controls to support and enforce defined security policies.
* Liaise with relevant teams in specialist areas to manage security, contractual and regulatory requirements.
* Provide the Information Security Manager with feedback on the security program and security projects that address identified risks and business security requirements.
* Track issues and agreed actions to completion, escalating issues to the Information Security Manager.
* Provide security communication, awareness, and training for audiences which may range from senior leaders to field staff.
* Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
* Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software.
* Support the design and testing of new or updated information security hardware or software and analyse its impact on the existing environment.
* Manage security projects and provide expert guidance on security matters for other IT projects.
* Perform daily threat intelligence checks.
Duties will vary and be revised due to the nature of the IT Support environment (the above is a guide and not a comprehensive list of responsibilities).
Core Technical Experience:
* Comprehensive experience including in-depth knowledge in a security or risk management role.
* An excellent understanding of enterprise information security and a good working knowledge of standards including Cyber Essentials, ISO 27001, 27002, Data Protection Act, and the General Data Protection Regulation.
* Experience of formal document creation, including the creation of security policies, reports, and procedures.
* Experience of carrying out risk reviews, technology audits, or other similar work.
#J-18808-Ljbffr