Information Security Governance Officer - Birmingham or Leeds - £65,000
The client is prominent within the legal services sector , and they believe at all times the company should underpin the client's needs and business objectives. They are widespread, with offices covering the UK, Europe, Africa, Asia Pacific and the Middle East.
The Information Security Governance team is responsible for creating and implementing the Firm's information security standards and procedures including associated functions, across all operations, practice groups and geographical locations.
The Information Security Governance Officer will be part of a developing and expanding security department within the business. They will play a key role with developing audit methodologies, finalising assurance exercises, monitoring and recording compliance to the policies.
* Working alongside the Head of Information Security Governance, you will develop and implement information security policies and standards, assuring these are compliant with rules and regulations
* You will be required to assist with the governance and compliance of the firms information security policies, standards and procedures
* The role requires you to review the Information Security Governance documentations on a frequent basis, recommending any amendments in line with changes to practices or regulations
* Part of the role will expect you to work as an Information Security Auditor to outline audit frameworks, alongside scheduling and conducting internal audits to validate compliance to the firms policies and standards
* Be able to manage and determine the information security incident process, including investigating or working with other teams within the business to deal with incidents, identify issues and adjust policies when required
* Manage processes for reporting KPI's and other metrics in relation to risk, threats, vulnerabilities, compliance and performance and be able to communicate these to all the appropriate stakeholders and management
* Conduct post-incident investigations and offer advice to address issues and/or amend procedures
* Cooperate with the business and other areas of the Information Security department to guarantee that the right controls are in place to safeguard the information within the firm
* Assist with all security certifications to ensure compliance
* To work collaboratively with the project teams and the PMO to ensure that new project requirements and changes adhere to the security policies.
Experience and Skills
* Higher Education in either a technical or business subject
* Certified Information Systems Manager (CISM)
* ISO27001 experience/qualification and or Audit experience
* Minimum 3 years working experience within Information Security
* Ability to identify and solve issues through audit, risk and incident assessments
* Be confident and pragmatic in your approach to work with the flexibility to respond to daily demands
* Strong communication skills is a must, particularly when conducting audits and reporting findings to relevant members of the firm
* Strong awareness of application security practices, methodologies and tools
* Good working knowledge of information security practices and procedures and how this may impact the business
* You must be able to prove your analytic and problem solving skills
* Capability to plan and prioritise on a daily basis, working to tight deadlines
* Must be a team player, with the ability to work independently, but also willing to seek assistance when necessary
* You must have the ability to work quickly, in a challenging and demanding environment with an ever changing priority list
* Be proactive and confident to come forward with new suggestions with the ability to identify areas for improvement
If you are looking to further your career within an energetic environment, in a firm that is internationally renowned, please send through your CV to Adam Horscraft.
Search is an equal opportunities recruiter and we welcome applications from all suitably skilled or qualified applicants, regardless of their race, sex, disability, religion/beliefs, sexual orientation or age.