Career Level Not Specified
Experience Not Specified
Industry Not Specified
Qualifications Not Specified
Information Security Officer – Public Sector
Pay: 24ph umbrella
Hours: 37 hour week
Duration: 3 month +
Scope: Inside IR-35
Purpose of the role:
* The post holder will ensure that appropriate measures are taken to protect the security, confidentiality, integrity and availability of the information.
* The post holder will work closely with other security roles to cover the broad scope of corporate security assurance – physical, procedural and technical.
* To promote information security practices throughout the organisation.To develop and deliver information security awareness training to motivate employees to make compliance and information security an inherent part of the corporate culture.
* To develop and maintain Information Security policies and procedures.
* To conduct Information Security related audits and assist with any other Information Security tasks necessary to prevent the unauthorised use, release, modification or destruction of data.
* Recommend and implement changes in security policies and practices in accordance with changes in regulatory compliance.
* Manage the information security incident reporting process ensuring that incidents are recognised, properly investigated and recorded and that lessons are learned.To lead on investigations and liaise with third parties, including the Information Commissioners Office, when required.
* Work with project teams to ensure that new projects and changes adhere to information security policies and information management best practice by championing and supporting the corporate wide adoption of Privacy Impact Assessments to support a ‘security by design’ culture.
* Relevant Information security qualification
Detailed knowledge and practical understanding of legislation, regulation, policies, procedures and standards for information management.
Practical knowledge of information security principles and best practice.
Experience of successfully developing and delivering security awareness training to staff at different levels of an organisation.
Experience in managing information security risks and investigating and reporting on incidents.
Experience of conducting Privacy Impact Assessments.
Experience of securely handling sensitive material with a high level of accuracy and attention to detail