The team at AT Technology is looking for a qualified Cyber Security Officer to provide expert advice, support & management on information security related matters throughout the organization including maintaining & continually improving the Information Security Management System (ISMS) in accordance with ISO 27001 & GDPR.
The Cyber Security Officer will:
- Identify & mitigate information security risks in line with industry practices, the risk appetite of the business & any legal, regulatory or contractual requirements.
- Ensure that compliance with legal, regulatory & contractual Information Security requirements & internationally recognized standards is integrated as part of “business as usual” activities.
- Ensure suppliers operate under similar requirements & conduct appropriate & proportionate due diligence assessments.
- Undertake Business Impact Assessments (BIA) and Information Security Management Reviews as necessary across the business – identifying risks, deficiencies, improvements & requirements in operational & technical controls.
- Chair the Information Security fortnightly workshops/meetings across the organization.
- Co-ordinate & liaise with external auditors & assessors as necessary.
- Control & administer the NHS Web and Security (compliance) programme.
- Provide up to date Information Security advice to business projects, incorporating Risk Acceptance Criteria Notices (RANs).
- Manage & update Information Security policies, standards & operational processes.
Requirements:
- Minimum 3-5 years of experience in Information/Cyber Security.
- Good knowledge of ISO 27000 family.
- Good knowledge of Information Security audit.
- Graduate with relevant degree.
- Excellent communication skills.
Good to have:
- CRISC certified.
- CISSP / CISA or equivalent Information Security or Systems Audit accreditation.