IO Associates area currently helping a market leading organisation find an Information Technology Security Officer. The successful candidate will be responsible for all aspects of IT security including creating and maintaining IT security policies. Part of this role also includes acting as an Assistant Security Controller undertaking all Security Controller tasks in the absence them.
·Responsible for developing, implementing, maintaining and auditing against company wide IT security policy and procedures
·Responsible for the organisation of IT security,
·Responsible for the auditing of IT security controls within the IT department and across the business to ensure compliance with Security Policy Framework, ISO 27001:2013 and L-3 Corporate Security & IT Policies
·Responsible for the monitoring of IT systems in accordance with Protective Monitoring Policy
·Developing and promulgating IT security awareness across the company, through a range of mediums including regular security updates, specific training and education campaigns, project specific guidance and support
·Provide support and advise on the accreditation of systems and ensuring correct codes of connection, particularly for systems carrying protectively marked data or that are connected to the internet
·Assist in the defining of relevant IT security controls to produce risk based metrics for review of effectiveness at Information Security Forum meetings in support of the Information Security Management System
·Responsible for conducting all technical Risk Assessments
·Oversight of IT Asset Management
·Responsible for the Information Asset Management tool
·Responsible for organising Penetration Tests
·Lead for Data Discovery and Data Clean-up
·Experience of Security Policy Framework/JSP 440
·Previous experience of managing IT security policy within Public or Private Organisation
·Understanding or experience of ISO 27001
·Information Risk Management
·Must have excellent computer literacy e.g. MS Word, Excel, PowerPoint, SharePoint etc and a security database application
·Experience of Policy writing.
·Knowledge of network topologies, especially IPV4 and IPV6 corporate IT networks. A detailed understanding of how standard network security appliances and systems, such as SIEMs, firewalls, IDSes, etc
For further details please get in touch immediately.