Back to Job Search

Head of Information Security

  • Location: Staines-upon-Thames
  • Salary: £80,000 per year
  • Job Type:Permanent

Posted 29 days ago

  • Sector: Compliance
  • Contact: Louie Felton
  • Contact Email: lfelton@merje.com
  • Contact Phone: 02036371610
  • Expiry Date: 06 October 2022
  • Job Ref: LF/19318

​Main Purpose of the Role

• Comply with UK General Data Protection Regulation (UK GDPR) and certificate retention (ie ISO27001 and Cyber essentials, others as applicable to business requirement).

• The Head of Information Security will be a subject matter expert in all aspects of information security. They will be the lead role in ensuring compliance and managing the continued implementation, monitoring and control of information and data and security governance.

• The role requires an individual who has the required experience in working with business and technology teams on how to manage and secure personal data as defined by the legal, regulatory authority requirements.

Legal

• To have good understanding and awareness on all matters relating to the General Data Protection Regulation and the UK data protection bill,

• Ensure that robust and comprehensive Data Quality and Protection controls are in place across the business based on current and, as required, new guidelines and legislation.

• Devise, update and report on Data and Information Security Management controls, issues, breaches and major incidents.

+ more.

Operational

• Offering advice to managers regarding data protection impact assessments and monitoring performance and compliance.

• Carry out regular reviews of the company’s data processing operations and the accessibility of personal and confidential data.

• Ensure appropriate assignment of responsibilities in relation to the management of data and information and, in particular, the processing and protection of personal and confidential data.

• Ensure and evidence effective Information security control testing, including but not limited to technical, organisational, physical and logical measures.

• Act as the main contact across the business for all aspects of Data and Information security management.

• To produce a rolling annual plan to ensure that there remains a relevant awareness of all aspects of Data and Information security management across the company.

+ more.

Qualifications and Experience

Essential

• Degree level qualification in relevant Information, Business or Legal area, and/or relevant experience (3-5 years) within privacy compliance.

• ISO27001 Lead Implementer or other IT Security certification CISSP, CISM.

Desirable

• Additional recognised privacy qualifications e.g. CIPP, ISEB, C-DPO.

• NIST.

Please note, should feedback not be received within 28 days due to the large volume of applications, unfortunately, your application has been unsuccessful. However, we may be in touch with similar relevant opportunities.