Business Information Security Officer

Provide Security Consulting and Advisory via engagement with business and DTS stakeholders to support the delivery of secure products and services

Business Information Security Officer

Bracknell

£80k

What will you be doing?

This role sits in the Group Information Security function, a dynamic highly motivated team committed to ensuring that the business is organisationally and technically secure in a fast-evolving environment with substantial critical assets, systems and sensitive data to protect in multiple locations.

You are responsible for the following:

Provide Security Consulting and Advisory via engagement with business and DTS stakeholders to support the delivery of secure products and services

Responsibilities will also include:

• Collaborating with management, security teams, and other stakeholders to determine information security needs and requirements for projects and ad-hoc work
• Develop and implement a global cyber education programme including awareness material, training and simulations
• Support the Head of Information Security to develop and embed the cyber policy framework within key areas of the business
• Overseeing project scoping, requirements gathering, risk assessments, and designing of security projects
• Project management and governance activities for the cyber team e.g. reporting into governance forums
• Carry out business process mapping, identifying areas for improvement, business process re-engineering and business process analysis wherever needed.
• Build relationships across internal cyber security teams and third-party suppliers of cyber security services to develop the end-to-end service models and understanding of service offerings.
• Reporting, development and management of agreed measures, and key performance indicators for the function.
• Development of a service catalogue covering all security-related services, both internally and externally

To be successful in this role, you should:

• Demonstrable experience developing, implementing and managing organisational wide security engagement programmes within a medium or large organisation.
• Experience in performing security reviews, identifying gaps in security architecture and developing security risk management plans
• Experience in leading and driving business initiatives, new strategies and vision across an organisation, through engagement and collaboration with business stakeholders, other Technology stakeholders and external suppliers
• Knowledge of a broad range of current and emerging Technology technologies, architectures and delivery models
• In-depth knowledge of enterprise architectures including, as a minimum, data centres, communications and collaboration, networking, end-user computing and tooling.
• Knowledge of cyber security frameworks, controls and tools e.g. ISO27001, CISSP, CISM, GIAC, NIST CSF, 800-53, SOC2, GDPR etc (Desirable)
• Knowledge of leading public cloud platforms, for example; Azure, AWS and Google Cloud, and software as a service platforms
• Excellent verbal and written communication skills, with the ability to communicate technical concepts to non-technical audiences.
• Strong leadership, communication and collaboration skills dealing with fast-moving, complex scenarios supporting multiple initiatives and goals
• Excellent analytical skills, structured and methodical approach; able to simultaneously manage multiple varied activities
• Information Security, Change and enterprise architecture related qualifications, e.g. CISSP, CISM, Prince 2, TOGAF etc would be desirable but not essential.

Benefits include:

• Competitive salary
• Private medical insurance
• Life assurance
• Pension contribution
• Hybrid working model (role dependent)
• Generous holiday package
• Free parking
• Option to purchase additional holiday
• Shared parental leave

Please apply now with your most up to date CV. All applicants will be considered, only those successful will be contacted.