Information Security Officer - CISSP, CISM

Job Description


Information Security Officer - CISSP, CISM, Cyber Essentials, NIST, ISO27001

Our ultra friendly London Insurance client is actively looking to recruit an Information Security Officer (CISSP, CISM, Cyber Essentials, NIST, ISO27001) to be responsible for the implementation and running of the firm's IT Cyber security framework.

As the firm's Information Security Officer (CISSP, CISM, Cyber Essentials, NIST, ISO27001) you will be responsible for the continual improvement of all security activities across the Group, and will be proactively ensuring that security is represented at all levels and functions.

This role will be establishing a new function. It is expected that it will eventually grow a team and department and become CISO, but initially it is a very hands-on role.

This Information Security Officer (CISSP, CISM, Cyber Essentials, NIST, ISO27001) is a newly created and exciting role reporting into the IT Operations Manager. The primary purpose is to evaluate the current IT landscape and provide recommendations for improvement to new and existing processes. Therefore, you will be leading on all aspects of IT Security, including developing our strategy, our policies and processes.

As the Information Security Officer (CISSP, CISM, Cyber Essentials, NIST, ISO27001), your key responsibilities will involve:

  • Ownership of all IT security matters, including but not limited to the IT Security strategy.
  • Responsibility for governance and the production and updates of all aspects of documentation relating to IT security.
  • To design and implement regular management information for the firm, whilst monitoring and reporting on IT security exposures.
  • Ensuring compliance with the relevant adopted standards such as Cyber Essentials and Lloyd’s Minimum Standards (MS11) as well as embedding the NIST CSF (Cyber Security Framework) controls.
  • To assume the role of 'Security Lead' for all projects and programmes, ensuring the successful scoping and delivery of all security work streams.
  • A detailed and on-going assessment of the IT security landscape. To research and provide recommendations for improvement to stakeholders.
  • Oversee the training and awareness campaign of IT Security across the firm.
  • Arrange penetration/vulnerability testing, audits and all aspects of IT security compliance.
  • Undertake any other related duties as may be reasonably required.

To be considered for this Information Security Officer (CISSP, CISM, Cyber Essentials, NIST, ISO27001) role you must meet these criteria:

  • Formal qualifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
  • Expert knowledge of IT and Information Security standards (Cyber Essentials, NIST, ISO27001, etc).
  • Proven implementation of similar frameworks, tools and systems (including evaluation and selection).
  • Proven communication skills, both written and verbal, with the ability to liaise with stakeholders at all levels.
  • Solid project management experience with a record of delivery and managing change.
  • Experience of Security Design and Architecture, and an in-depth knowledge of Cloud Security and technologies.
  • A keen and natural interest in IT security trends with an excellent all-round knowledge of IT.
  • A proven team player who is willing to share knowledge and train colleagues, who is approachable and willing to assist.
  • Excellent time management and highly self-motivated.
  • Driven to continuously improve areas of responsibility.
