Job Ref: 204735793
Employer: cv-library.co.uk
Job Type: Permanent
Country: United Kingdom
County/State: Cambridgeshire
City: Cambridge
Address:
Post Date: 27/10/2016 03:25

Information Security Officer / Compliance Officer
We are currently seeking an Information Security Officer for a Technologies company to maintain and further develop the ISO 27001 certification in order to continue to meet increased business demands. Within this new varied role you will be responding to client Requests for Information regarding our client's information security posture and performing impact risk assessments on 3rd party suppliers.
As the new Information Security Officer you will cover the day-to-day maintenance and drafting of information security policies, procedures and work processes, ensuring that these meet and exceed the requirements of ISO27001. You will ensure that all information security policies and procedures are justifiable, and you will be responsible for attaining senior management approval of these policies. The successful applicant will have responsibility for performing business impact and risk assessments on 3rd party suppliers and assisting with the ongoing design, testing and maintenance of BCP/DR (Business Continuity Planning / Disaster Recovery) plans.
The appointed candidate will ensure that our client's information security posture meets the requirements of their clients. You will develop and run a security awareness programme, chair and organise information security management forum meetings, and ensure adequate internal action and timely response for information security related incidents. You will support the business in the development of ISO20000, ISO9001 and PCI-DSS compliance when the need arises, and it is essential that you have proven experience in a similar role.
Applicants shall have proven experience in Information Security and a solid understanding of ISO27001 certification requirements, ideally through involvement with delivery of such certification to a previous employer or client company if delivered in a consulting role. Any experience of computer auditing, running an ISO27001 internal audit programme, running an information security awareness programme or experience of PCI-DSS, IL3, ISO20000 is preferred.
Skills & Abilities
• Proven experience within Information Security
• Solid understanding of ISO27001 certifications
• Detailed knowledge of ISO audit processes
• Able to solve problems quickly and completely, displaying independent problem-solving and self-direction skills.
• Strong communication skills; capable of writing security policies and writing documentation for sharing with clients and prospects
• Able to document standard operating procedures in a concise and accurate manner.
• Able to grasp and balance the needs of the business and of the client with regard to information security
• Ability to work on multiple projects
Desirable Skills / Abilities
• Experienced computer auditor.
• Experience of running an information security awareness programme.
• Experience of PCI-DSS, IL3, ISO20000
• Knowledge of BCP/DR planning ISO23001
• Knowledge of PCI-DSS Service Provider Level 1
• Knowledge of SOX/SAS security requirements and audits.
• Knowledge of ISO20000 or ITILv2/ITILv3
• CISSP or CISA certification preferred
Due to the work involved, the successful candidate must be willing and able to undergo UK security clearance.