Information Security Officer Comprehensive Benefits Package
Our client seeks an Information Security Officer to conduct and lead on investigations, analysis and reviews following breaches of security. The Information Security Officer will complete threat modelling to ensure the security of all company systems. The client offers a competitive salary, a comprehensive benefits package, and the opportunity to work in a dynamic and challenging environment.
- Be a proactive member of the Information Security Team and the wider RISC Team, ensuring we add value to the business.
- Keep up to date on the latest Information Security developments: TTPs, changes in the threat landscape, and new security tooling.
- Conduct and lead on investigations, analysis and reviews following breaches of security (or ‘near misses’) and prepare recommendations for security improvements arising from such incidents.
- Contribute to the company being compliant with ISO27001, Cyber Essentials and relevant Government Cyber frameworks.
- Carry out threat modelling to ensure the security of all company systems.
- Write Risk/Balance cases for senior management.
- Translate Information Security and IT Risk into business language.
- Educate colleagues about security software and best practice relevant to their role.
- To support the organisation to be the leading UK public sector business services provider, actively sought by government bodies.
- To provide high quality, effective and easy to use services that add value to our organisation, enabling us to achieve the best outcomes for the British people and the UK economy.
- Previous experience in a similar role working as an Information Security Officer.
- A relevant entry-level security qualification such as CompTIA Security+, (ISC)² SSCP, or BCS CISMP.
- Experience in the Information Security field such as Incident Response, threat hunting, threat modelling, vulnerability management, penetration testing, forensic investigation of cyber incidents, AWS/Azure Cloud Security, DevSecOps.
- Understanding of the underlying IT, web and networking principles and technologies.
- Relevant professional qualification (e.g., CISSP, CISM).
- Relevant professional membership (e.g., British Computer Society, Institute of Information Security Professionals).
- Experience of working with information covered under the UK Government security practices.
- Experience in supporting security control frameworks, such as ISO27001.