Information Security Specialist

Marcus Donald are currently looking to source an experienced Information Security Specialist to join a large financial organisation in the City of London. 

This is an excellent opportunity for an Information Security Specialist to join the team to develop, coordinate and maintain the delivery of the Information Security framework, in line with Group Policies / Standards, industry best practice, client contractual requirements and the emergence of new regulations and technology.

The role will enable the alignment and support of the Divisional strategy, to deliver an effective information security and governance framework, as part of a centralised team

Duties and Responsibilities:

• Supporting the Divisional Information Security Strategy and governance framework
• Creating business-focused, practical Information Security solutions
• Increasing awareness of Information Security and Data Privacy
• Developing and maintaining industry awareness and best practices, relating to legislation & regulations, emerging threats, areas of operation and technology, surrounding Information Security and Data Privacy; and compete in knowledge transfer activities
• Providing guidance and support to enable business functions to comply with contractual requirements, maintain required certifications (ISO27001 / PCI DSS / Cyber Essentials / HMG Security Policy Framework)
• Conducting internal audits against ISO27001 and other appropriate standards
• Facilitating the coordination and management of scheduled external audits, Technical Security Testing
• Aiding with the development, production and management of Critical Asset Registers, Threat Assessments, Business Continuity / Disaster Recovery documentation, throughout area of responsibility

Essential:

• Experience of managing ISO27001 certifications and external audits
• Knowledge and Understanding of GDPR
• Knowledge of Public and Private Sector security requirements
• Internal audit qualifications and/or experience
• Excellent relationship and stakeholder management
• Experience in preparing and delivering reports highlighting risks for senior management
• Ability to analyse current business practices and identify areas of risk or improvement
• Ability to achieve an enhanced level of security vetting and screening
• Ability to communicate and influence at a senior level, including Director / Senior Management level

 Desirable:

• Awareness of appropriate legislation and regulations
• Knowledge of DevOps and DevSecOps
• One or more of - CCSP/CSTAR/CISSP/CISM/ISO/PCI DSS qualification
• Data Privacy experience and / or qualification

If this position is of interest, please do not hesitate to contact Bobby Corbyn for any questions that may need answering and/or further information regarding the company.