Back to search
- Support the organization's Information Security and Assurance program to ensure appropriate assurance and compliance processes meet mandatory requirements and national standards.
- Develop, review, and implement policies and best practices for managing and maintaining information and cyber security.
- Implement processes to assess information assets for compliance with security policies, best practice standards, and legal and regulatory requirements.
- Act as a point of contact for information security and assurance queries.
- Ensure audits and compliance checks are conducted to verify physical and data security protection of all systems and assets.
- Identify security and assurance requirements for new or updated processes and work with relevant stakeholders to ensure appropriate documentation.
- Coordinate investigations and reporting of all actual and suspected security incidents, recommending actions to prevent recurrence and analyzing trends for organizational learning.
- Deliver training, education, and awareness programs on information security and risks.
- Engage with key stakeholders, including partner agencies and third-party suppliers, to ensure compliance with legal and regulatory standards.
- Stay informed about current legislation, standards, and practices in information security and data protection, fostering an environment of continuous improvement.
- Represent the organization professionally in internal and external meetings, fostering constructive partnerships and collaborations.
- Undertake other duties commensurate with the post’s nature, level, and responsibility.
- Regular travel may be required.
- Security clearance level: MV.
- A-levels or equivalent qualification.
- Recognized information security or data protection qualification (e.g., CISM, ISEB Certificate, CESG Certified Professional).
- Practical knowledge of current Information Security Management standards and best practices (e.g., ISO 27001).
- Practical knowledge of current data protection legislation and associated standards.
- Understanding of technical, human resource, procurement, project, and physical security considerations impacting information security.
- Familiarity with national information assurance conditions and standards.
- Experience with third-party security audits.
- Proven experience in delivering operational information security in a multi-site organization.
- Experience ensuring compliance with accreditation requirements.
- Development and implementation of information security policies and procedures.
- Conducting internal audits and facilitating accreditation activities.
- Leading and facilitating meetings with internal and external stakeholders.
- Liaising with external organizations and agencies on security matters.
- Ability to meet tight deadlines and respond to evolving demands.
- Skilled in influencing behaviors and outcomes using data-driven insights.
- Strong interpersonal and communication skills, with the ability to explain complex issues clearly.
- Proficiency in managing sensitive inquiries and maintaining secure material.
