Lead Information Security Officer

  • Permanent
  • Bristol, South West
  • Posted 23rd September 2020
  • £60-65,000
  • Ref: rcis239

Lead Information Security Officer required by a market-leading, award-winning professional services organisation based in Central Bristol (10 minutes from Temple Meads Train Station). The successful Lead Information Security Officer will report to our client's Head of InfoSec and will be responsible for continuing the enhancement and implementation of information security and data processing policies and standards across the business and, in particular, for auditing and maintaining ISO27001 processes and accreditation.

Main responsibilities of the Lead Information Security Officer:

  • Acting as the central point of contact with regards to information security
  • Supporting and managing the Info Sec team
  • Supporting the work of the Business Continuity Forum as required
  • Ensuring continued compliance against BS ISO/IEC 27001 certification for all office locations, including planning and coordinating regular external surveillance and re-certification audits
  • Planning and implementing extensions to the scope of this and other certifications
  • Managing the client audit process and progressing and closing external audit non-conformities
  • Monitoring and managing the day-to-day information security management system (ISMS)
  • Planning, managing and undertaking internal and third-party audits on IT governance, information security and controls
  • Liaising with IT as necessary including providing input into IT Sec Forum as required

Required background of the Lead Information Security Officer:

  • Proven experience of having managed an information security management system (ISMS) and maintaining ISO27001 certification in a multi-site operation.
  • Solid understanding of IT and experience in contributing to IT governance, controls and best practice processes.
  • Considerable experience in undertaking a range of internal and third-party audits around information security, data protection and IT governance and controls.
  • Experience in developing physical security best practice processes and controls.
  • Good understanding of the Data Protection Act and EU GDPR.
  • Very good understanding of the principles of risk assessment and risk treatment, including operational risk as well as compliance monitoring and reporting.

This fantastic opportunity offers a basic salary of £60,000-65,000 p/a with an excellent benefits package which includes 25 days holiday (which will increase to 30 days based upon length of service), pension, cycle to work scheme and private medical insurance to name but a few.
