Description
Information Security, ISO 27001, HMG
Job Title: Information Security Consultant - GRC
Location: Netherlands/Germany
Rate: Negotiable
Duration: 3 Month Rolling Contract
Start Date: Immediate
Job Title: Information Assurance & Security Manager
Job Purpose:
Leading and supporting an effective approach to Information Security, Data Protection and Business Continuity Management to minimise risk consistent with HMG Security and IA policy, standards and guidance.
Key Responsibilities and Accountabilities:
- lead the development of a Risk Management Accreditation Document Sets (RMADS) in accordance with HMG/CESG IA Standards 1 & 2
- implement appropriate measures to ensure Data Protection Act compliance and compliance with the Authorities' requirements and meeting requirements of BS10012:2009
- review and implement appropriate technical and organisational measures to protect the Personal Data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure. These measures will be appropriate to the harm which might result from any unauthorised or unlawful Processing, accidental loss, destruction or damage to the Personal Data and having regard to the nature of the Personal Data which is to be protected
- take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data
- provide a focal point for resolution of security and information risk matters
- assist with checking compliance with applicable regulations, standards, policies and guidance on information security risk management
- assist with investigations into security incidents
- promote security awareness
- liaise with accreditors to gain timely accreditation
- contribute to security communications
- contribute to the development of IA strategies, policies and awareness
- review the effectiveness of IA and security controls in accordance with accreditation conditions and corporate security policies
- report security incidents or breaches of security policy in accordance with standard procedures and guidance from GovCertUK
- initiate and assist investigations into security incidents in accordance with forensics readiness policy (HMG Security Policy Framework, Mandatory Requirement 37)
- contribute to IA maturity assessments
- assist with maintaining the relationship with GovCertUK ensuring that security incidents ensuring that GovCert warnings and advisories are acted upon where appropriate
- support the attainment and retention of, ISO27001 and BS25999 certification and ensure compliance with BS 10012:2009
- supports and attend the Business Resilience and Information Security Committee
- have the ability to articulate technical issues clearly to a non-technical audience
- be able to prioritise and multi task
- maintain a calm and focussed demeanour when placed under pressure
- Have the ability to respond to and assist with major security incidents and crisis events out of normal working hour
- operate with the highest levels of discretion, tact, honesty and integrity
Competencies:
- Developing Capability - we are passionate about learning and proactively seek to transform the capability of the organisation and individuals. We identify development opportunities; providing constructive feedback and coaching to enable growth through high performing teams.
- Making an Impact - we make an immediate positive impression. We influence effectively with clarity and conviction, demonstrating high levels of integrity. We are confident and communicate in a credible and persuasive manner.
- Adapting to Change - we approach change with responsiveness, adaptability and resilience. We are flexible and move with pace without over complicating things. We create an environment for challenge, change and renewal.
- Customer Focus - we are committed to working with internal and external customers. We identify, understand and respond to their current and future needs in order to deliver a high quality provision and exceed their expectations.
- Competitive Edge - we have a commercial and financial mindset and proactively identify and pursue business opportunities. Through lateral and creative strategies we adapt, diversify and operative competitively in order to maximise shareholder value.
- Achieving Together - we form positive, professional and trusting relationships to deliver business objectives. We create an inclusive environment, encouraging collaboration to build effective and engaging partnerships.