Information Security Officer (2 year Fixed Term Contract) – 100% remote OR office based: In this newly created techno-functional role, you will assist develop, implement and manage all aspects of Information Security throughout our charity client. You will support the IT and Information Governance Team in providing expertise and advice to ensure that our charity client complies with Information Security best practice, the General Data Protection Regulation, Data Protection Act 2018 and other relevant legislation and guidance. In addition, you will have responsibility for advising organisation-wide on compliance issues, as well as conducting information security reviews on assets across the organisation. This new role is designed to ensure that our charity client has a robust Information Security Framework in place.

PERSON SPECIFICATION:

• Demonstrate experience with the creation of security guidelines, standards and processes is essential
• Demonstrate excellent knowledge of the relevant legal and statutory requirements relating to Data Protection and Information Security
• Pro-actively identify areas of improvement to drive forward information security improvement’s
• Provide practical risk-based advice to colleagues on information security matters
• Engage and communicate clearly with users, including communicating complex concepts in simple user-friendly language
• Create a positive compliance culture around information security & governance.
• GDPR requirements
• Working knowledge of Microsoft Office 365/Azure security features to ensure maximum compliance to security standards is achieved
• Information security management frameworks, such as ISO 27001 and Cyber Essentials Plus
• Must be able to demonstrate sound technical diagnostic skills
• Payment Card Industry Data Security Standards
• Development of policy and guidelines that support best practice in information governance,
• Compliance monitoring and auditing
• Information Asset Register Management
• Development and monitoring of Information Security Policies

EXPECTED EXPERIENCE:

• You have a university degree (or equivalent experience in a similar role), ideally with a focus on information security/governance or a sound education with appropriate further training, certifications such as CISA, CISM or CISMP are advantageous.
• Able to work on own initiative with minimal supervision and to tight deadlines
• A strong confident communicator verbally and in writing who is able to influence a variety of stakeholders
• Keen to have an impact in everything you do.