• Providing support to the Security Function for the continued delivery and improvement of security within the organisation.
• To ensure security standards are met in the development, implementation and delivery of systems and processes.
• Help maintain the necessary frameworks through which Information Security compliance can be measured and assist with the measurement of them.
• Develop and maintain a robust Business Continuity framework
Principal Accountabilities:
Risk & Security:
• Monitor compliance with the Security Policies and Standards through project involvement, QA reviews and analysis of relevant audit reports
• Research security and privacy regulatory changes and recommend appropriate remediation
• Perform risk assessments as required and maintain the Security Risk Register
• Assist with the continuous improvement in the security service through the Security Enhancement Programme
• Act as an SME to the Business Functions providing security advice
• Reporting of the risk and controls on IT systems and projects to the Security Manager
• To act as the Business Continuity lead
Systems Security:
• Assist with annual appraisal of systems security controls
• Contribute to reports on security for systems
Core Competences Required:
Knowledge:
• An understanding of applicable UK law and regulations in relation to high technology and/or forensic investigation procedures
• An understanding of the UK Data Protection Act and other international privacy legislation
• Good understanding of Database, Networking and Systems concepts
• Excellent in-depth understanding of Business Continuity and good understanding of Service Continuity
Experienced in some of the following:
• ISF Standard of Good Practice
• Risk analysis and risk management
• Compliance monitoring,
• Experience of reviewing and amending internal processes and procedures
• Experience of implementing security systems, policy and awareness programmes, including supporting procedures. .
• Security architecture, infrastructure and technologies and their involvement in the Systems Development Lifecycle
• Experience of developing or maintaining a business continuity framework
Soft Skills
• Strong analytical skills
• Excellent written, design and oral skills
• Calm ability to manage conflicting views and priority while working under severe time constraints
• Ability to deal appropriately with information which may be highly sensitive
• Drive, energy and determination for achievement of high personal and organisational standards
• Excellent at developing strong relationships with key stakeholders and third parties
Technical Skills:
• Networks
• Microsoft Office Suite
• Microsoft Windows OSs (XP and 7+)
• Application Development
• Security Architecture