Information Security Officer

  • Permanent
  • Remote (1 day p/w in Bristol), Avon
  • Posted 7th January 2022
  • £48,000-50,000 p/a + Remote Working + Excellent Benefits
  • Ref: INFOSEC211

Information Security Officer required by a national market-leading organisation, with 4 days remote and 1 day in Central Bristol (7-8 minute walk from Bristol Temple Meads Train Station). The Information Security Officer will be responsible for identifying and mitigating the major information security risks for the business and ensuring compliance against specific regulatory and best practice standards. You will be working closely with the Head of Information and Cyber Security and in line with ISO27001 certification and regulatory and client requirements.

Our client will invest in your career. You will receive ongoing training to ensure you develop your commercial and technical skills to allow you to deliver the varied workload to a high standard. As a member of our Support team you will be a vital part of our client's continued success.

Main Responsibilities:

  • Acting as the deputy for the Head of Information and Cyber Security
  • Continue the enhancement and implementation of information security and data processing policies and standards across the business and in particular, auditing and maintaining ISO27001 processes and accreditation
  • Manage and implement internal, client and external info sec audits
  • Maintain the internal policy and procedure bank
  • Offer training on aspects of information security policy to the business as required.
  • Research and evaluate emerging security threats and ways in which to manage or mitigate them.
  • Work closely with multiple 3rd-party suppliers to ensure any risks are understood and mitigated against.
  • Offer advice and guidance to internal stakeholders to ensure best-practice is always followed.
  • Managing the compliance and vulnerability management platforms for both on prem and cloud-based assets.
  • Managing third party penetration testing including scoping, analysis, remediation planning and tracking.
  • Identifying weaknesses in security tools, processes and procedures and providing recommendations to resolve them.
  • Supporting the assessment of the security posture of the organisation and being able to give sound advice on security tooling in place and new technologies.
  • Keep up to date with current cyber security risks and mitigation techniques

Ideal Background:

  • Proven experience of having managed an Information security management system (ISMS) and maintaining ISO27001 certification in a multi-site operation
  • Solid understanding of IT and experience in developing IT governance, controls and best practice processes in the form of the IT infrastructure library (ITIL) and IT service management certification (BS ISO/IEC 20000)
  • Considerable experience in undertaking a range of internal and third party audits around Information security, data protection and IT governance and controls
  • Experience in developing physical security best practice processes and controls
  • Good understanding of the Data Protection Act and GDPR provisions
  • Results orientated with good communication and interpersonal skills.
  • Proven experience writing policies and procedural documentation for IT systems/requirements.
  • Strong knowledge of application, network and system vulnerabilities and understanding of attacker techniques to exploit these vulnerabilities.
  • Experience with cloud environments
  • Experience with project engagements, using waterfall and agile methodology
  • Ability to understand complex web and standalone applications/systems architectures involving multiple technologies.
  • An understanding and experience with vulnerability management, SIEM and malware
  • Knowledge of penetration testing procedures
  • Knowledge of processes and tools relating to information security
  • CISSP security qualification or currently studying for CISSP
  • Experienced with internal/external security penetration testing

This fantastic role comes with a basic salary to £50,000 p/a and on top of the bespoke training package, comes with the following benefits: Annual salary review, 25 days holiday (which will increase to 30 days based upon length of service), private medical insurance, pension and many more.
