Information Security Governance, Risk, and Controls Officer (100% Remote)

Salary: £80,000, Benefits, Bonus, Excellent Pension/Healthcare/Holidays

Are you ready to take on new challenges in Information Security? Our client is expanding their Information Security team to tackle a broader range of new projects and infrastructure challenges. This is a fantastic opportunity to join a growing, ethical, and quality-driven organization.

As an Information Security Governance, Risk, and Controls Officer, you will play a pivotal role in maintaining and supporting IT security strategies, managing overall IT security governance, and ensuring compliance processes are met. This is a 100% remote role offering the flexibility to work from anywhere while still being part of an innovative, fast-growing organization.

Key Responsibilities:
Conduct system and process audits to ensure appropriate security controls.
Provide security advice based on industry best practices to IT or Systems Owners.
Assess and evaluate risks for new suppliers, software, systems, or technologies.
Perform penetration testing and analyze IT requirements to ensure best-practice security.
Identify and mitigate network vulnerabilities; monitor for potential security breaches.
Stay current on the latest developments in security and emerging cyber threats.
Plan, test, and maintain disaster recovery, business continuity, and contingency plans.
Monitor system logs, identity and access management, API security, and software libraries.
Maintain security systems, conduct training, and leverage advanced analytic tools.
Conduct phishing simulations and internal audits, and investigate security alerts.
Liaise with stakeholders, generate reports, and maintain an information security risk register.
Assist with audits, compliance, and retention of ISO27001, Cyber Essentials Plus, and more.

Managing Compliance, Quality, and Risk:
Implement internal and external audit requirements, and maintain accurate process maps.
Ensure compliance with ISO27001, Cyber Essentials Plus, and internal governance processes.

Other Responsibilities:
Adhere to Financial Conduct Authority Individual Conduct Rules.

Experience and Qualifications:
At least 5 years of experience in Information Security.
Relevant certifications (CISSP, CEH, CISM, etc.).
Strong problem-solving skills and a solid understanding of GDPR.
Experience with cloud-based services is highly desirable.
Must have the right to work in the UK.

This role offers you the opportunity to work remotely while being part of an organization that understands the complexities of modern software, applications, and system delivery. If you're looking to further your career in information security while taking on diverse and exciting challenges, apply now.