Job: Information Security Compliance & Risk Contractor

Job Title: Information Security Compliance & Risk Contractor
Contract Type: Contract
Location: Cardiff
Sector:
Salary: Competitive
Start Date: ASAP
REF: Information 08
Contact Name: Kristen Furse
Job Published: 6 months ago

Job Description

Information Security, ISO 27001, Compliance, Risk, Governance, Audit, Assessments

Duration: 6 months initially

Location: Cardiff

Due to increased focus and growth, there is currently an opportunity to join the Information Security Team. This is for an Information Security Compliance & Risk role to work alongside the Governance, Risk & Compliance team members supporting the Security Improvement Programme.

Main Duties

  • Plan and perform Compliance Assessment
  • Develop the Information Security Test Library
  • Gather evidence for tests and assessments performed
  • Collate Compliance Assessment reporting
  • Monitor and track Risk & Action statuses including Remediation plans
  • Monitor and track Risk Acceptances through regular reviews
  • Provide Third Party Risk assessments, including Due Diligence, RFxs and remote access reviews
  • Work closely with, and support, the Governance, Risk & Compliance team members
  • Support collating of Key Risk Indicators data for both Management and Group Risk Committee
  • Support collating of Management Information on an agreed schedule
  • Help the Information Security Training team with metrics and information to better align their training material
  • Help with and feed into the various Information Security Policies, Standards and Procedures


This is not a full definition of the role but covers the main aspects and drivers for success.

Experience and Qualifications Required

Essential

  • Well organized
  • Team player
  • Able to work autonomously
  • Excellent multi-tasking skills
  • Previous experience within a Risk and/or Audit based role
  • In-depth knowledge of ISO 27001
  • Understanding of various other security frameworks
  • Good communication and listening skills
  • Good planning and scheduling skills
  • Able to work in a fast-paced and changing environment


Desirable

  • A good understanding of Security concepts, principles and best practice
  • Experience of performing Risk Assessments, utilising all available data
  • Good understanding of IT systems and networks
  • Fundamental understanding of risk management principles
  • Previous experience of coordinating activities within an ever-changing landscape
  • Information Security qualification, preferably Audit or Risk based


If you feel you have the skill set and experience for any of these positions, please send me your most up-to-date CV and I shall be in touch.