Information Security and Assurance Advisor
Your new company
This client holds vast amounts of data for operational purposes, but how that data is used and secured requires rigorous governance to ensure that its retention and use are lawful, fair and proportionate and do not infringe on the rights and freedoms of individuals.
You must be able to get or currently hold MV security clearance.
No sponsorship is available for this role.
Your new role
Responsible for information governance, security, records management and data protection, you will provide professional guidance and specialist advice on information security and support our data protection compliance, ensuring that appropriate controls are identified and implemented to protect personal data and that all compliance requirements are met. You will also advise on and manage information security incidents, together with related governance and assurance documentation and reporting requirements.
Key responsibilities include, but are not limited to:
Risk Management, Clarity and Ownership - The individual should be able to work with stakeholders to identify, assess and manage information security risks, ensuring they are clearly understood, owned by the business and reduced to an acceptable level. They should also ensure risks are well written, consistently defined and assigned to the right owners, translating technical issues into clear business impacts.
Assurance and Reporting - Provide leadership with clear, honest insight into security risks, highlighting emerging threats and control weaknesses.
Incident Management and Response - Support effective detection, investigation and response to security incidents, ensuring lessons are learned and controls improved.
Supplier and Third Party Risk - Manage security risks associated with suppliers and cloud services, ensuring robust requirements are built into procurement and contracts.
What you'll need to succeed
To hold a recognised information security, data protection or information risk qualification (e.g. Certified Information Security Manager (CISM), CISSP, GCRC, CRISC, DP PDP, BCS etc.).
Sound practical knowledge of current Information Security Cyber and Assurance Management standards and best practice (including ISO 27001/NIST Framework).
Sound practical knowledge of current data protection legislation, standards and practice.
Knowledge and understanding of the Technical, Human Resource, Procurement, Project, and Physical Security issues that impact upon information security and assurance.
Able to demonstrate a good understanding of information security concepts and practices concerned with maintaining the confidentiality, integrity, and availability of information.
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)