Information Security Specialist

Description:

The Group Information Security Team is responsible for group information security strategy, risk management, assurance and capability development to support a number of regional information security teams.

The Information Security Policy Author will support the Group Information Security Manager in delivering these global functions, with a particular focus on Information Security Policies.

The role will report directly to the Group Information Security Manager (GISM) and provides an opportunity to obtain policy development and strategic information security and programme implementation experience at the enterprise level.

To write, maintain and help communicate information security policies and procedures, ensuring data management policy alignment across the business and with emerging information security standards and frameworks adopted by the business. Provide solutions and updates of policy development and implementation, including training to assist staff understanding and compliance.

Key Duties And Responsibilities Include
 

• Write policies and procedures: Draft and support to publication, a range of documents covering a broad range of information security policy and procedure. Assist IT managers in the technical writing of internal policies and procedures.
• Relationship Management: Collaborate with internal stakeholders to gain an understanding of their department requirements and company-wide procedures and operations relating to information security governance, data quality and data protection that need to be aligned. Identify and action opportunities for policy improvement to ensure information security governance meets the needs of the business whilst continuing to protect it.
• Policy Management: Working with an existing document management team and document architecture, review, edit and revise existing and new guidelines, policies and manuals as necessary.
• Policy Communication and Implementation: Support communication and implementation of published information security policies and proactively identify any barriers to application or compliance.
• Self-Management: Manage self in line with the people management policies, procedures, processes and practices to ensure adherence and to maximise own contribution to business performance.
   

Candidate Specification

Essential
 

• At least three years of experience of writing information security policies and procedures.
• Excellent knowledge of information security standards and frameworks
• Excellent communication and collaborative working skills to identify business challenges and to bring about business process change.
• Proactive self-starter, self-directed and driven to excellence in all aspects of role
• Decision making skills; creative and persistent problem solver
• Good working knowledge of Microsoft product suite.