Ref: DCJFI0507_1625499985

Information Security Officer

England, Greater Manchester

Job description

Information Security Officer

DCJFI0507_1625499985

Information Security Officer - Manchester - Remote - Salary to £45,000



A leading provider of innovative and autonomous software solutions to a rather unique industry are looking to invite an experienced Information Security Officer to join the team.



This is an exceptional opportunity to join thier talented team in the digital technology sector. They have a fun and vibrant office in central Manchester and with thier company culture to promote from within, excellent career development opportunities are available for the right candidate.



Purpose of Role

Reporting to the Head of IT, the Information Security Officer will work with the IT team to ensure the company network is secure and the whole Company to ensure it is compliant with company policies. You must demonstrate strong and broad technical capabilities to establish security risks to the business, oversee the monitoring and security of the company infrastructure and use your expertise to make recommendations to ensure systems are configured to industry-standard best practices.

Duties:

* Manage the IT/Business security gap and risks assessments with the ongoing development of the Information Security Framework ensuring ongoing compliance with ISO27001, GDPR etc
* Supporting management to manage risk and security
* Complete internal and facilitate external audits
* Proactive monitoring, identification and mitigation of security vulnerabilities
* Investigation of security events
* Assessment, planning, coordination and implementation of system patching and server hardening to improve system security and availability
* Recommend and drive security initiatives with internal stakeholders
* Delivering Information Security reports on an ongoing basis, looking at trend analysis, etc
* Support internal projects, providing security guidance on new initiatives and change
* To support in all areas of Data Protection and leading the business response to any regulatory investigation or request for information

Key Responsibilities:

* Implementing changes/fixes to address security vulnerabilities identified (e.g. during security scans, penetration tests, risk assessments etc.)
* Risk assessment and risk treatment
* Assessing and recommending server hardening activities.
* Monitoring external information sources to make recommendations on the latest security threats and vulnerabilities.
* Management of company authentication platforms and mechanisms

Essential Skills:

* Knowledge of network protocols, architecture and information security standards and procedures
* Experience with Government, Risk Management and Compliance
* Experience managing an ISMS (information security management system) and maintaining ISO 27001 (2-3 years+)
* Knowledge or experience of PCI-DSS (Payment Card Industry Data Security Standard)

Desired Skills

* Experience of AWS networking and security controls
* Linux Server Administration
* LDAP Directory Service management.
* Experience performing security audits with associated reporting duties
* Strong understanding of operational risk and general risk assessment procedures
* Knowledge and understanding of ISAE3402 type 1 and type 2 assurance audit
* Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc

For more information about the company and the role that is on offer apply to this advert with an updated version of your CV or give Daniel Cordy a call.