Information Security Officer required by a rapidly expanding, software house based in Cardiff. This is a hybrid role with 1-2 days a week onsite with flexibility.
The Information Security Officer will be integral to protecting our client’s information assets. The successful candidate will require a combination of technical expertise, strategic thinking, and effective communication to successfully safeguard against ever-evolving cyber threats.
Main Responsibilities:
-
Create and implement policies and procedures to protect sensitive information.
-
Ensure compliance with legal and regulatory requirements.
-
Identify and assess security risks to the organisation’s information assets.
-
Develop and implement strategies to mitigate these risks.
-
Educate employees about security policies and best practices.
-
Conduct regular training sessions to keep staff informed about new threats and security measures.
-
Develop and manage incident response plans to handle security breaches.
-
Coordinate with IT and other departments to respond to and recover from security incidents.
-
Monitor networks and systems for security breaches.
-
Analyse security logs and reports to identify potential threats and vulnerabilities.
-
Work with other executives and stakeholders to ensure security measures align with business objectives.
-
Communicate security issues and recommendations to senior management and the board of directors.
-
Stay updated with the latest security trends, technologies, and regulatory requirements.
-
Continuously improve the organization's security posture through research and adopting new solutions.
Ideal Background:
-
Strong understanding of IT infrastructure, network security, and cybersecurity principles.
-
Familiarity with various security frameworks and standards such as ISO 27001, NIST, and CIS.
-
Ability to analyse complex information and identify key security risks.
-
Strong problem-solving skills to address and mitigate security threats.
-
Excellent written and verbal communication skills to effectively convey security information to non-technical stakeholders.
-
Ability to present complex security concepts in a clear and concise manner.
-
Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CEH (Certified Ethical Hacker) are often preferred or required.
-
A relevant bachelor's or master's degree in information technology, computer science, cybersecurity, or a related field (Desirable)
This fantastic role comes with a competitive basic salary and is accompanied with a 10-15% annual bonus, 25 days paid holiday, a flexible pension scheme, flexible working opportunities, childcare vouchers, 6 months maternity leave, continued investment in your career, Bike to Work, discounts and many more