Information Security Auditor

Working in the IT Operations team to support the IT security network estate of around 800 colleagues across 5 sites. Our Head office is based in Manchester(Sale) but we have 4 other sites on our network estate based in Manchester City Centre, Rutherglen, Leeds and Grimsby . We take pride in protecting our IT environment and have the best-in-class SIEM solutions, we are consistently reviewing our Audit portfolios.

As the Information Security Auditor, you will work alongside the IT Security Analyst to help with the facilitation of external audits governance, maintenance of existing accreditations, working towards ISO 27001.

An Information Security Auditor should be an enthusiastic, self-motivated team player with a passion for IT security governance.

Reports to: IT Service Delivery Manager

Responsibilities of the role (What we want you to do)

• Maintain the companies Information Security Management System (ISMS) as part of ISO 27001.
• Ensure that IT risks are regularly reviewed, correctly identified, assessed, and reported, and mitigated in line with recommended best practices using BPA
• Creation and maintenance of the Information Security Policy framework (mandate, policies, standards, guidelines etc) ensuring these are embedded into the Business.
• Keep up to date with relevant Legal, Regulatory or Compliance obligations that would affect the company’s security posture.
• Facilitation of external audits.
• Understand the SIEM solution tools we use to report on threat attacks and manage alerts.
• Know in depth CIS control sets and how we can adhere to them to harden our network.

Success Measures

• Achieve all agreed objectives with positively trending relative key performance indicators
• Shows consistent delivery and continuous improvement in knowledge and understanding of IT security systems
• Desire to get the company accredited in ISO and other Cyber Security certificates
• Able to demonstrate strong documentation and building out governance policy skills.

What you need to have already done to be right for this role

• Knowledge of industry standards: ISO 27001, PCI DSS, Cyber Essentials, ITIL.
• Knowledge and experience in the facilitation of DCC Smart Energy Code audits (VUSA, FUSA and SSA).
• Knowledge of Information Security, Information Governance, Information Security Risk Management and Data Protection within the telecommunications/utilities sector.
• Experience with IT Vendor Risk Management conducting third party due diligence and supplier reviews.
• Experience of carrying out risk reviews and audits.

Skills

• A commitment to producing a high quality of work including competence, accuracy and thoroughness
• Works at pace, improving productivity through ensuring the completion of assigned tasks in a timely manner
• Demonstrates good communication skills working well with and communicating / escalating issues to the wider team
• Demonstrating good team working skills including working well with colleagues from around the business, being able to adopt appropriate escalation and provide support to the business on various projects
• Use initiative to logically understand, solve problems and seek out new IT security pathways.
• Be dependable through good time keeping, attitude to work, meeting deadlines and being able to work autonomously
• Show a commitment to improving their knowledge of IT Security and Verastar systems
• Building and maintaining positive rapport with all Verastar employees
• Has a "can do" attitude

Qualifications and other requirements

• At least 3 years’ experience in an IT Security Auditors role
• Location: Within commuting distance of Verastar HQ, Sale, Manchester
• IT literate, with knowledge of the effective use of Microsoft 365 products and related technologies
• Exposure to ISO 27001, SOC2, CompTIA Security+, CEH, ISACA Qualifications would be a distinct advantage

In return for your hard work, you’ll get

It takes all kinds of people to make Verastar the success that we are, and we’ve got a range of benefits to make sure everyone is happy.

• Pension contributions and life assurance coverage.
• Generous discounts at numerous high street and online retailers.
• 25 days of annual leave, increasing to 28 days based on tenure.
• Enjoy your birthday off every year.
• Ability to purchase up to 10 additional holidays and sell up to 5 days per year.
• Cycle to work and travel loans for people wanting a greener commute.
• Comprehensive well-being support, including round-the-clock access to a GP, mental health assistance, fitness programs, and complimentary legal and financial advice.

The important extras

• Hybrid working model: the choice to work remotely for three days.
• Engage in charity fundraising and volunteering activities as part of our giving back initiative.
• Enjoy fantastic on-site amenities including a complimentary gym, free parking, a subsidized café, and an on-site bar for post-work drinks, quiz nights, and social gatherings.
• Full time/Permanent contract of 37.5 hours per week.
• No weekends and every bank holiday off.

What happens next?

If you’re looking for a new challenge with great benefits at an award-winning company, then Verastar is the place for you. To be part of our continued success click ‘Apply’ today to take the next step in your career.

Across the Verastar Group, we are dedicated to fostering an inclusive environment and embracing our diversity. We are on the lookout for skilled individuals who share our values to join our teams.

All successful candidates will be subject to pre-employment checks.

#LI-KB1