Main duties and responsibilities

• Coordinating, scheduling, and assisting with internal audit (including ISO 27001, Cyber Essential Plus and TickIT plus).
• Supporting the delivery of the information security strategy as designed by the Head of Cyber and Information Security.
• Ensuring policies, processes and procedures are aligned with best practice and kept up to date.
• Responsible for triaging and handling colleague’s queries relating to information security and acting as a point of escalation for Service Delivery Teams.
• Assisting the Head of Cyber and Information Security with managing, maintaining and testing the information security aspects of the Business Continuity Plan.
• Participating and sometimes chairing the information security steering group meetings.
• Participating and coordinating the monitoring of third-party risks.
• Assisting and sometimes coordinating security incidents from start to finish.
• Identifying risks and ensuring the risk register is kept update.
• Facilitating the promotion of a robust security culture within the organisation.
• Assessing, monitoring, and alerting on Data Loss Prevention in-line with agreed business policies.
• Identifying and monitoring external information sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate.
• Offering security support to the commercial tendering and bid processes in relation to information security management requirements.

Applicants to this role require

• Self-motivated, professional, tenacious and enthusiastic.
• Strong ownership of tasks, attention to detail and following through to conclusion.
• Ability to work under own initiative to plan and communicate effectively with colleagues.
• Ability to plan, organise and follow through on assigned tasks and complete tasks.
• Ability to learn and develop new skills and take on new challenges.
• Either achieved or demonstrates working towards achieving recognised Information security qualifications e.g. (ISO 27001, NIST, CISA or other comparable certifications).
• Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc.
• Experience with information security management systems.
• Degree in IT or similar long experience in an information security professional environment including auditing.
• Knowledge / experience of ISO 27001, TickIT Plus and Cyber Essentials Plus.
• Robust knowledge of information security frameworks.
• Member of professional body(e.g. Chartered Institute of Information Security (CIISec) (Desirable).

TMM Recruitment