Information Security Officer
Information Security Manager
To assist with ensuring that the companies, products, networks, infrastructure and services remain secure. The role will include working with development, technical and other internal teams to ensure that our products and offerings are secure by design.
The Information Security Officer will be required to consider aspects of security from product/service inception through to delivery, helping define and enforce policy, standards and good practice across the business. The ideal candidate will have a technical or development background and a keenness to develop the culture of a security-focused organisation.
The role will require some travel within the UK.
The Information Security Officer is responsible for the following:
- Providing Information Security technical expertise as required support internal, cloud and production infrastructure and the development of software.
- Co-ordinate and deliver knowledge transfer as required ensuring colleagues have an overview of their requirements to be compliant with Information
- Track the developments of Cyber Security and Information Security standards and guidance, ensuring products will comply in accordance with implementation
- Assist and contribute to the clinical safety cases for product releases providing IS assurances and confirming that changes do not contravene national recommended best practice.
- Assist with ensuring compliance the Alliance meets the National Data Guardians 10 Data Security Standards.
- Assist in the arrangement and delivery of annual Information Governance and Information Security Training.
- Work closely with linked colleagues across the companies, including the Information Security Manager, the Information Governance Manager, Compliance Manager and the Technical and Operational Leads.
- Promoting awareness of customer and security
- Track and asses current and potential threats and recommend actions to Security Manager as appropriate
- Maintain general risk management including, monitoring, investigating and assessing threats, security risk assessments, risk recommendations and maintaining the alliance Information Security Risk Register.
- Assist with the security of the internal Jira and Breathe systems.
- Keep up to date with legislation on Security and data quality both corporately and within the NHS.
- An excellent technical background with development experience highly desirable.
- A good understanding of the Information Security industry and cyber security
- Strong knowledge of security especially within Azure and Office 365, but also networking/server environments including IAM/MFA/MDM across multi-platform systems. Ideally this will have been gained from within an application development environment.
- A good knowledge of certificates, network security protocols, encryption standards and deployments including public/secret keys, IPSec/SSL/TLS etc.
- Vulnerability scanning/testing, SIEM, IDS/IPS and other security related product experience. Knowledge of data quality principles and standards (including relation to NHS healthcare data).
- Experience with information systems, processes and uses of information with the NHS
- A proactive and positive approach and attitude to developing an increased Information Security aware culture.
- Ability to produce reports that evaluate and present complex data in an understandable
- Have a high degree of competence in the use of Microsoft Office and desktop applications and can demonstrate good skills with respect to database and spreadsheet
- Excellent verbal, written and presentation
- Excellent interpersonal and communication
- Ability to work in a pressurised
- Ability to meet
- Ability to respond to unpredictable work patterns and
- Ability to work as part of a team or in a stand-alone capacity
Communications and working relationships
- Ability to interact and co-operate with all colleagues at all levels;
- Maintain professional internal relationships;
- Proactively establish and maintain effective working team relationships with adjacent departments and associated companies;
- Effectively communicate and support other members within the post holder’s
- This role involves may sometimes involve working with and managing the relationships with external suppliers and agencies, partners and customers.
Please apply in writing, sending a covering letter and CV to firstname.lastname@example.org