Information Security Officer - ISO 270001 - NIST - Incident Response - Phishing - Contract - Hybrid

Information Security Officer - ISO 270001 - NIST - Incident Response - Phishing - Contract - Hybrid

My client who are leaders in their field are looking for an Information Security Officer who will Manage the evolution of the company's Information Security policies to maintain best practice and alignment with Corporate and Regulatory requirements including the Global Information Security Group framework(GISG), General Data Protection Regulation (GDPR), SOX & ISO27001

Key Responsibilities:

• Working in partnership with the Data Protection Officer (DPO) & Legal & Compliance to protect the organisation's information.
• Proactively raising the profile of Information Security across the organisation, its stakeholders, vendors and customers.
• Providing consultation and/or education as needed and drive the adoption of information security as best practice.
• Working in partnership with the Business teams to ensure all Projects, Changes, policies and procedures are compliant with corporate information security policies.
• Management of the annual Security Incident Response Test (SIRT), as well as ensuring the remediation of any findings.
• Undertake Security related Testing, including Phishing, Security Incident Response Tests.
• Overseeing Audit Findings and any associated Remediation
• Maturing the Information Security mindset

Key Experience and Skills:

• Proven experience in developing, implementing, maintaining and leading an effective ISMS and information security control assurance programme
• Strong stakeholder management skills, including technical members of staff and senior executives, stakeholder negotiation and influencing
• Strong understanding of ISO27001, GDPR, SOX & Information Security Risk Management
• Understanding of information security tools
• Experience with business continuity, third party risk management and incident management.