Information Security Advisor

Robertson Group

Salary Not Specified

Robertson Group, Stirling

  • Full time
  • Permanent
  • Remote working

Posted 2 weeks ago, 29 Aug

Closing date: not specified

Job Ref: ba9794a604214ad69012416d6b73e748

Full Job Description

We're recruiting for an Information Security Advisor who will work as an integral part of a fast-paced IT team. You will advise and engage with the business on Information Security matters, with customer experience central to your ethos.

You'll be joining a business that thrives on achieving results that benefit people and communities, and offers fantastic opportunities for career development.

Your new role

The Information Security Advisor will be expected to take responsibility for managing the Information Security Management System on a day-to-day basis. They will also assess data management plans, user safety and security implementation, identify and understand threats and issues, monitor systems and compliance, maintain and improve user awareness, and advise end users on information security issues. It is essential that, along with a strong knowledge of information security concepts and approaches, the post holder has high-level competencies in engaging with a wide range of employees with differing backgrounds and technical competencies.

What you'll do:

  • Participate in Information, IT and Cyber risk management, within the ISMS Risk Management Committee including assisting with risk assessments, maintaining a risk register and the identification and documentation of remediation actions. Track progress on remediation.

  • Work with businesses and departments to understand key controls and processes and to implement IT, Information and Cyber security policies, processes and procedures

  • Maintain and continuously improve the culture of security awareness and practice throughout Robertson Group with regular communication and refresher training for employees

  • Gain skills as an auditor and perform audits against standards such as PCI DSS, Cyber Essentials, ISO 27001, ISO 22301 and the NIST 800 series.

  • Carry out assigned audits and ensure that businesses are supported to complete assigned audit actions.

  • Provide guidance for security requirements within Robertson as required.

  • Administer the Robertson Information Security Management system and work with the Information Security Manager to ensure that the ISMS suite of documentation is kept up to date

  • Carry out IT security incident identification, tracking, and reporting

  • Work across Robertson businesses to implement and improve the Information Security Management System and to ensure compliance with all appropriate policies and procedures.

  • Monitor information security compliance relating to all contractual responsibilities

  • Work with the different Robertson businesses to ensure that there are fully tested business continuity and disaster recovery processes and procedures in place

  • Manage Information/IT security systems to ensure the safety of Robertson information and systems.

  • Develop skills and knowledge of data protection requirements, compliance auditing and processes such as Data Protection Impact Assessment, International Data Transfer Risk Assessment and Legitimate Interest Assessment. Carry out subject access requests and FOI requests with the Information Security Manager.

  • Demonstrable continuous professional development and a willingness to learn new skills.

  • Experienced in looking after structured documentation and ensuring it complies with a specific standard

  • Knowledge of ISO 27001

  • Skills and knowledge of risk assessment and risk management processes in Robertson.

  • Knowledge and experience of data protection laws and associated regulations

  • Understanding of data classification and how to keep information secure

  • Ability to work to tight deadlines

  • Delivery focussed