Career Level Not Specified
Experience Not Specified
Industry Not Specified
Qualifications Not Specified
This is a full-time position on an initial 10-week contract – the IR35 Status is currently undertimined.
Rate of Pay (Hourly):
The purpose of this role is to ensure that appropriate measures are taken to protect the security, confidentiality, integrity and availability of the Council’s information.
The post holder will work closely with other security roles to cover the broad scope of corporate security assurance – physical, procedural and technical.
To promote information security practices throughout the Council. To develop and deliver information security awareness training to motivate employees to make compliance and information security an inherent part of the corporate culture.
To develop and maintain Information Security policies and procedures.
To conduct Information Security related audits and assist with any other Information Security tasks necessary to prevent the unauthorised use, release, modification or destruction of data.
Recommend and implement changes in security policies and practices in accordance with changes in regulatory compliance.
Manage the Council’s information security incident reporting process ensuring that incidents are recognised, properly investigated and recorded and that lessons are learned. To lead on investigations and liaise with third parties, including the Information Commissioners Office, when required.
Work with project teams to ensure that new projects and changes adhere to information security policies and information management best practice by championing and supporting the corporate wide adoption of Privacy Impact Assessments to support a ‘security by design’ culture.
Take forward a programme of work on behalf of the Council’s Information Governance Group and lead on significant business change projects as required.
Key Knowledge, Skills and Experience Required:
Detailed knowledge and practical understanding of legislation, regulation, policies, procedures and standards for information management.
Practical knowledge of information security principles and best practice.
Experience of successfully developing and delivering security awareness training to staff at different levels of an organisation.
Experience in managing information security risks and investigating and reporting on incidents.
Experience of conducting Privacy Impact Assessments.
Experience of securely handling sensitive material with a high level of accuracy and attention to detail.
Relevant Information Security qualification
Barton & Graham acts as an employment business when supplying temporary staff and as an employment agency when introducing candidates for permanent employment with a client. Barton & Graham is an equal opportunities employer and decisions are made on merits alone