Job Introduction
As an Information Security Compliance Officer at Sodexo, you'll be a driving force for a range of information security projects, from gaining critical security accreditations to improving our risk profile and information security compliance across the organisation. You'll also take on a wide variety of day-to-day responsibilities, including delivering technical security audits across the large, complex technology landscape of Sodexo UK&I, maintaining the ISMS and its ISO27001 certification, and helping business stakeholders to take appropriate decisions through your risk assessments.
What you’ll do:
1. Manage Sodexo’s Information Security Management System (ISMS) and other information security compliance activities to maintain various certifications, including ISO27001, Cyber Essentials + and PCI DSS.
2. Conduct Information Security Third Party Assurance on Sodexo suppliers to mitigate Risk throughout the lifecycle of supplier relationships.
3. Support the wider Sodexo business with appropriate action plans and risk assessments for new contracts and other activities.
4. Improve Sodexo UK&I's information security practices by engaging with Sodexo Global colleagues, leveraging knowledge and technology from the wider business to improve regional practices.
What you bring:
1. Experience creating ISMS documentation to gain ISO27001 certification.
2. Practical experience of Cyber Essentials +, PCI DSS and UK government accreditations.
3. Prior work performing internal or external IT and security audits, as well as dealing with third party supplier audits.
4. Ideally experience working with information security tools and platforms such as OneTrust or Security Scorecard.
5. The ability to achieve UK SC security clearance is a requirement of this role.
What we offer:
1. Competitive Salary + Bonus + Excellent benefits package.
2. Flexible and dynamic work environment.
3. Access to ongoing training and development programs.
4. Countless opportunities to grow within the company.
#J-18808-Ljbffr