Information Security Officer

The Bridge Ltd
Up to £75,000 per annum Pension, Healthcare, Life Assurance, Season Ti
11 Oct 2016
19 Oct 2016
Contract Type
Group Information Security Officer - ISO27001, CISSP, CISM

Up to £75,000 basic salary, Pension, Healthcare

Our data gives our customers the edge they need to compete in their markets – either through the data itself or through products we develop that enable them to solve business issues. We use a combination of market analysis and statistical modelling to create comprehensive and reliable data and information. We pride ourselves on bringing clarity to a market that can be complex and confusing and have built our business to be the best in our sector in the world.

The main purpose of the Group Information Security Officer role is to be accountable for all information security related risk management activities, policies, compliance controls and operations, in order to protect clients, as well as the company's brand names and reputation with an emphasis on revenue protection. The role will also provide visible leadership for all aspects of the Information Security function, providing strategic direction for the function and liaising closely with other managers at all levels and across the pan-European business.

The purpose of the Information Security Management function, in turn, is to bring the organisation’s information security risks under explicit management control through the Information Security Management System.

Group Information Security Officer Responsibilities

· Leadership and strategic direction for the function, ranging from planning and budgeting to promotional activities expounding the value of information security
· Trusted advisor to related functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the pan-European organisation as necessary, offering strategic and practical guidance on information security matters such as routine security activities, emerging security risks and control technologies
· Recruitment, leadership and direction for a network of information security ‘champions’ distributed throughout the pan-European organization
· Leads the design, implementation, operation and maintenance of the Information Security Management System based on the ISO27001 standard
· Actively promoting the commercial advantages of managing information security risks more efficiently and effectively and driving information security awareness, training and educational activities
· Leads the preparation and implementation of necessary information security policies, standards, procedures and guidelines, in conjunction with the Group Risk & Compliance Director
· Leads the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations
· Leads or commissions information security risk assessments and the selection of appropriate controls

Group Information Security Officer Required Skills

· Extensive knowledge of Information Security regulatory requirements
· Excellent working knowledge of risk management and risk assessment tools and techniques
· Comprehensive knowledge of Information Security industry, product and service trends
· Comprehensive knowledge of current Information Security threat types and potential mitigation controls
· Knowledge of IT project lifecycle
· Knowledge of Information Security within frameworks, such as COBIT
· Knowledge of Information Security within architecture, such as TOGAF
· At least 5 years of full-time work experience in information security management
· Current information security management qualifications such as CISSP or CISM
· Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, complete lack of criminal convictions etc.), and willing to undergo vetting and/or personality assessments to verify this if necessary
· Typically a background in technical IT roles such as IT architecture, development or operations, with a clear and abiding interest in information security
