Information Security Officer – Lancashire – Hybrid.

£58k to £61k plus 10.5% bonus, 14% company pension contribution, healthcare, flex bens programme etc

Information Security Officer required for this Northwest based regulated organisation.

The organisation is looking to build its cyber security capability significantly, is well funded into the millions and development of the security function is driven from the top down.

The security function is investing heavily in the training and development and has its own allocated training budget and training manager.

As the Information Security Officer, the core part of the role will be to ensure the business is compliant against security policy, acting as advisory, collaborating with stakeholders and management to improve security posture, review policies, and assist with incident, security reviews and ensure business processes comply with cyber security policy frameworks.

As the Information Security Officer, you will work with the Information Security Manager to undertake advisory function to the business and support the business areas to identify and reduce risk.

You will assess the current threat landscape, providing realistic overview of risks and threats in the enterprise environment, supporting RFI/RFP, audits, supplier management and Projects with security lens on new supplier’s deliverables.

As the Information Security Officer, you will input and help to manage the cyber security compliance schedule Notify and manage escalations and ensure reporting is accurate and Input into security communication, awareness, and training for colleagues.

Ideally you will have as much of the following as possible:

• ISO27001 audit experience
• Background in an information security type role with real-world experience of reviewing policies
• Acted in an advisory capacity to the business & monitored security compliance across the business
• Experience of maintaining policies, procedures, standards, and guidelines
• Ability to articulate security risk simply and effectively with business managers and business stakeholders
• An appreciation of business drivers, security tools, technologies, and security best practice
• Exposure to cyber security frameworks and standards.
• Understanding of information security related law and regulations such as GDPR or NIS

There is significant opportunity to develop and grow in this role with the growth of the team and from a training perspective.

This advert is just a snapshot of position, for a more detailed job specification, information about the client and confidential conversation around your career and CV - Apply now!