About the Role
This position focuses heavily on information security governance rather than technical execution, making it ideal for someone skilled at reviewing and improving best practices and ensuring compliance across the organization. Your work will not only impact individual departments but will resonate across the entire business, helping to secure data on a large scale.
You will work independently to build relationships with a variety of stakeholders, including legal, procurement, IT teams, and end users, to transform the organization's approach to information security. This role plays a critical part in changing the culture of security across the organization, helping ensure the protection of sensitive data belonging to hundreds of thousands of people.
With the Information Security department currently at 2 but set to grow significantly, this is a unique opportunity to join at a time of transformation, with extensive funding driving expansion. This role offers considerable opportunities for professional development as the team grows.
Why This Role Stands Out
- Governance and Best Practices Focus: Take a leading role in shaping and refining the organization’s approach to information security governance, ensuring best practices are followed across all levels of the business.
- Broad Organizational Impact: This isn’t just a departmental role; your work will influence the entire organization, helping to secure vast amounts of data critical to its success.
- Key Relationship Building: Act independently and build strong relationships with stakeholders, including legal, procurement, IT, and end users, driving meaningful change.
- Career Growth: With the security team expected to expand, this role provides opportunities for growth and leadership within the department.
What's on Offer
- Competitive Benefits: Enjoy a 20% pension contribution, private healthcare, enhanced maternity/paternity leave, and more.
- Generous Time Off: 26 days of annual leave (rising to 30 with service), plus bank holidays, an extra day off for your birthday, and the option to buy extra leave.
- Supportive Environment: Free lunches on-site, access to a free on-site gym, and wellbeing support to keep you focused and energized.
- Flexibility: Enjoy a hybrid working model with a mix of office and remote work, helping you maintain a healthy work-life balance.
Key Responsibilities
- Governance and Compliance Leadership: Review, implement, and improve information security governance practices across the organization, ensuring compliance with frameworks such as ISO27001/2:2022.
- Stakeholder Engagement: Build strong, collaborative relationships with legal, procurement, IT, and end users to embed security into the fabric of the organization’s culture.
- Best Practice Development: Continuously evaluate and improve security processes to ensure they are aligned with industry best practices.
- Change Management: Help drive a culture of security throughout the organization, ensuring that employees understand and follow security protocols.
- Strategic Impact: Assist in shaping the long-term security strategy during the organization’s ongoing transformation, ensuring that security is considered in all business decisions.
Ideal Candidate
- Governance Expertise: Strong knowledge of information security governance, with experience in reviewing and improving best practices.
- Relationship Builder: Ability to work independently and establish effective working relationships with key stakeholders across departments.
- Proactive Mindset: A self-starter who can influence and guide the organization’s approach to security without heavy technical involvement.
- At least 5 years of experience in IT security roles (analyst, engineer, or governance), with a strong understanding of ISO27001/2:2022 and related frameworks.
- Experience working in an organization handling large-scale data collection, storage, or hosting is highly desirable.
About Our Client
Our client is a highly respected organization in the midst of a large-scale transformation, with significant funding to support growth and innovation. Their mission involves managing and securing vast amounts of critical data, and they are looking for an experienced professional to help ensure the security of this information as they expand.
