Salary: 39,133.93 - 39,133.93 GBP per year Requirements:
* We seek candidates for the IT Security Officer role who possess at least a Bachelor's (or higher) Degree in Computing or a relevant discipline related to Information Systems, Information Technology, Cyber Security, or Network Administration. Additionally, all applicants must have a minimum of 3 years' experience in the following areas:
* Working across a multi-discipline technology stack, including cloud environments (Azure/AWS), firewalls (On-premise/Cloud services), intrusion detection/prevention systems, security information & event management tools (SIEM), data loss prevention (DLP), endpoint management, networking, protocols & vulnerability management, encryption & identity management, policy creation, and the development and delivery of Cyber Security training.
* Roles concerning Security Operations, Incident Response and Investigation, Risk Management, and/or Network Security and Architecture.
* Working knowledge/experience of information security management systems (ISMS).
* We also require candidates to possess a professional certification aligned with the responsibilities of the role, such as Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP). Alternatively, candidates with at least 6 years of experience in a cyber security role, demonstrating progressive experience in technical and operational aspects of Cyber Security, may apply, provided they meet the other experience requirements and certification expectations.
Responsibilities:
* As the IT Security Officer, you will lead the Assembly's Information Technology Security functions to ensure compliance with legislation and best practices. Your primary responsibilities will include:
* Collaborating with the Head of IT to develop and implement the Assembly Commission's IT vision and action plan, supporting digital transformation through a robust project management framework.
* Leading a comprehensive technical information security program, including defining security best practices aligned with organizational goals and compliance requirements.
* Conducting regular risk assessments to identify vulnerabilities, developing risk mitigation strategies with the Data Protection and Governance Officer, and providing informed advice to senior management.
* Managing daily operations of security systems (e.g., firewalls, intrusion detection/prevention systems, endpoint protection, SIEM) and ensuring the secure adoption of new technologies.
* Overseeing compliance with relevant regulations and industry standards, leading and preparing for internal and external security audits, and documenting compliance statuses.
* Assessing and managing security risks associated with third-party suppliers, conducting audits, and mitigating risks through appropriate controls.
* Maintaining detailed documentation of security policies, procedures, and incidents for auditing purposes and leading the team in proactive technical monitoring of system logs.
Technologies:
* AWS
* Azure
* Cloud
* Support
* Network
* Security
More:
This is an exciting opportunity to join a dynamic and evolving team within the Information Systems Office. The successful candidate will play a vital role in safeguarding the Assembly Commission's information assets and ensuring a proactive stance against evolving cybersecurity threats. This role is essential in a rapidly changing technical environment and offers the chance to engage in significant strategic, operational, and technical challenges. Join us and be a key player in enhancing our information security posture in support of our mission.