Address
Form of work
SalaryPermanent Salary: Up to £50,000
Chesterfield or Aberdeen
Working Arrangement: Hybrid, flexible
Your new company
I'm currently looking for an Information Security Analyst to work for an engineering organisation with offices in Chesterfield or Aberdeen. This role can be completed in a relaxed hybrid environment from either office.
The ideal candidate will have some experience of maintaining ISO27001 certifications, will have an auditing mindset and will have managed IT risk registers.
Your new role will involve
- Partially responsible for the maintenance of accreditations (ISO27001 / Cyber Essentials+)
- Day to day IT risk management and mitigation
- Supporting with IT security internal and external audits
- Contributing to some areas of business continuity plans with the Head of Information Security
- Utilising TickIT Plus for quality management, auditing against ISO9001
- Acting as an Information Security SME for colleagues, answering queries, encouraging the adherence of security best practice amongst staff in a complex organisation with a variety of stakeholders
- Consistently contributing to the upkeep of the risk register
- Working with all areas of the business and building relationships with colleagues to gain a better understanding of wider business functions, their security requirements, and how best to coach employees on security principles that are applicable to their operational needs
- Auditing the organisation against ISO27001 and other standards such as NIST and Cyber Essentials + where suitable
- Assisting with security initiatives and implementations
- Maintaining a contemporary knowledge of current threats and cyber trends
- Assisting in the identification and support of 3rd party compliance requirements
- A strong Information Security (audit, governance, risk and compliance) background
- Experience of TIckIT Plus would be ideal but not essential
- Excellent communication skills, proactive and business solution focused mindset
- Thorough understanding of, and practical application experience of commonplace security, risk and compliance frameworks (NIST, ISO27001, CE+)
- Experience of working cross-functionally across IT, Transformation, GRC, audit and security operations teams
- Experience within an engineering environment would be advantageous but any large, complex organisation will work
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
#4500779 - James Dilks
