Information Security Officer - CISP - PCI DSS - ISO 27001

Nottinghamshire  ‐ Onsite
This project has been archived and is not accepting more applications.

Description

Overview

A fantastic opportunity has arisen for multiple Business Information Security Officers.

As Business Information Security Officer you will be part of a team, helping the business improve its information security posture with respect to delivering products and services to clients and consumers. You will be responsible for performing risk, control and compliance assessments.

This is a great next step for someone in an information security role looking to take their career to the next level in a senior information security role. The role is based in Nottingham.

Key responsibilities

Implement the Information Security Policy and Standards across business unit(s)

Ensure that appropriate visibility of non-compliance is raised through the corporate issues and risk processes

Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions

Provide escalation path for information security issues, incidents and enquiries

Engage with clients and customers as needed to help the business achieve its objectives with pre- and post-sales activities (e.g. explain our security program, support external audits, support the bids/RFP process, etc.)

Support Information Security Assessments for third parties

Provide regular, timely reporting on the information security status across the supported business units

Performing information security reviews and control compliance assessments

Reviewing BU processes and products for policy violation/non-compliance areas

Performing acquisition due diligence for Information Security risks and control deployment

Be a part of the business unit team and act in a consultative way to help the business improve its security posture and adhere to security policies and expected controls

Ensuring new products/services, applications, new third-party or client relationships, etc. have appropriate security controls embedded and that the risks are appropriately addressed

Participate in BU related conferences or client facing engagements and present as needed

Assist the business in managing and preventing future incidents and providing incident coordinator services as needed

Job requirements and qualifications

A solid background providing Security solutions from a Security risk and governance

Excellent communication/presentation skills including the ability to translate technical/security issues to business users

Ability to communicate to and influence senior management

Excellent Leadership skills with ability to independently lead virtual teams to deliver results

Self-motivated, willingness to take on challenges and adaptability to change and manage changing priorities

Process Driven and an eye for detail

Organizational and planning skills including a working knowledge of project management techniques (e.g. PRINCE2)

A sound understanding of security best practice and international standards such as ISO 27001 and PCI DSS

Good understanding of software development processes particularly in relation to secure development

Good understanding of key network and technical security controls

Security Training and Awareness and Security Incident Management knowledge and experience

Ability to demonstrate security skills via a recognised Information Security qualification (e.g. CISA, CISM or CISSP and/or ISO 27001 Lead Auditor Certification)

Demonstrable experience of driving operational implementation of policies and processes across business units, using influencing and security skills

Demonstrable experience of working within regulated environments

Knowledge and experience of Information Security Risk and Security governance

Understanding of risks in the banking/financial services sector will be an added advantage

If you match these requirements, please apply in the normal way. Elevate will send you an email; please open, click and action that email, and your application will be visible to the hiring organisation directly.

Start date: ASAP
Duration: 3 months
From: Elevate Direct
Published at: 28.11.2015
Project ID: 1028222
Contract type: Freelance