Information Security Officer

Marcus Donald are currently recruiting for a huge Telco, who are looking to recruit an Information Security Officer. You will be responsible for & provide guidance around the business’ technical security risks & implement solutions to ensure compliance to ISO27001 ISMS policies, legal, regulatory, or contractual obligations.

Knowledge & appreciation for ISO 27001/27002 is of importance here as you will be a key hire for the business who have important movement, project plans and growth expected in the next 2-5 years.

*Hybrid working – 1-2 days per week in Hampshire*

(Like many, the business are currently reviewing their hybrid working strategy and therefore, this could be amended in time)

Information Security Officer – Responsibilities:

• Enable Technical teams to integrate and embed technical requirements in line with Information Security Management Systems
• Support frameworks within the technical solutions and processes; supporting functions to raise exceptions against business ISMS
• Review project designs, offering practical recommendations to the project team
• Assist and support Information Security Risk Assessors with risk assessments and appraisals
• Continue to ensure that IS can enhance innovation, improve productivity and ultimately drive revenue
• Improve on & develop new processes, procedures, policies, standards, and guidelines to continuously improve the business’ cyber security maturity and promote awareness

Information Security Officer – Requirements:

• Significant IS experience and knowledge including using standards from at least one of the following authorities; NIST, CIS, CCA or ISF
• Knowledge of technical enterprise IT systems (server, database, storage, cloud) & Enterprise IT Security systems (Firewalls, IDS/IPS, Web proxy, PAM) to enable effective security evaluation of new designs
• Knowledge of Microsoft AD, MS Azure, MS security services, MS O365, SAML, ADFS

Information Security Officer – Desired:

• Certifications; CISM (ISCA) , CCSP (ISC2), CCSK (CSA)
• Additional certification that are also desirable include; Microsoft certifications, CEH and TOGAF
• Experience of working in government or other highly regulated environments. However, we are open tothose how have worked in other industries
• Knowledge & experience with IP networking concepts and supporting protocols (Dynamic Routing, DNS, NTP, SNMP)
• Knowledge & experience of Amazon Web Services infrastructure, services and security

This job description is a diluted version with most important points included, there is a more informative job description available for you to paint a better picture of the role and of course we would be more than happy to discuss the position with you in more detail. If you would like to contact me directly, my email is awarren@marcusdonald.com