Information Security Officer

  • Location:

    York

  • Discipline:

    Compliance, Risk Management

  • Job type:

    Permanent

  • Salary:

    c. £45,000 + Benefits

  • Email:

    psherlock@merje.com

  • Job ref:

    PS/16737

  • Published:

    4 months ago

Our client is a well-regarded and unique Financial Services firm located in Yorkshire. An exciting opportunity has arisen to join the business in the role of Information Security Officer. In this role, your primary responsibility is to support the effective planning, implementation and maintenance of the firm's Information Security Management System. You will also provide information and cyber assurance support to the Information Security Manager and to the day-to-day running of Information Security projects.

Key responsibilities include:

Information and Cyber security plays a part in almost all projects and functions of the organisation, so the role will work closely with all teams, in particular supporting the organisation's Operational Risk and its Second Line Risk functions to provide subject matter expertise and support annual assurance processes.

The role will be involved in the implementation of technical controls requiring a logical and analytical approach. The role will work to support the development and maintenance of the firm’s Threat Intelligence programme, therefore an eye for detail and a strong analytical focus are desirable.

The role will work on a range of information security projects, therefore experience of project methodologies and some project management experience are desirable. In addition, experience working in regulated and process-orientated roles is beneficial.

In addition, the Information Security Officer will:

  • Help enhance the Information Security governance arrangements consistent with the Enterprise Risk Management Framework.
  • Support the implementation and maintenance of the firm’s threat intelligence programme to identify, investigate, evaluate and mitigate against relevant threats.
  • Support the review and mitigation of information security/cyber risks posed to the organisation and the scheme as a whole.
  • Ensure the business works to the guidance laid out in the International Organisation of Securities Commissions cyber resilience guidance (IOSCO Guidance).
  • Analyse potential security risks and support the development of situation planning for potential Information Security Events to support the Business Continuity planning process.
  • Provide subject matter expertise to support the maintenance of the organisation's Information Security/Cyber risk register(s).
  • Develop and regulate internal communications to keep data security and compliance prominent within the organisation.

The ideal Candidate:

  • An understanding of Information Security practices and principles.
  • Knowledge and experience in project management and using project management methodologies.
  • Good writing style with a detailed and consistent approach and the ability to rationalise complex principles ensuring they can be understood by a range of stakeholders.
  • Experience working with and supporting the creation of corporate policies and procedures.
  • Ability to present quantitative data for a range of projects and audiences.