Back to search
An organisation with multiple business units is seeking an Information Security Officer to lead its enterprise-wide information security programme.
The role is responsible for protecting information assets and ensuring the organisation's security posture aligns with business objectives, regulatory requirements, and recognised industry standards. The Information Security Officer will own security strategy, risk management, policy development, and incident response, while promoting security awareness across the organisation.
Key Responsibilities
Develop and maintain an organisation-wide information security strategy.
Establish and enforce security policies, standards, and governance processes.
Lead incident response and manage security breaches.
Ensure compliance with relevant laws, regulations, and security frameworks.
Embed security into risk management, application development, and operational processes.
Report on security risks and programme performance to senior leadership.
Support supplier assurance, audits, penetration testing, and security requirements in tenders.
Skills and Experience
Experience in an information security or IT risk role.
Working knowledge of frameworks such as ISO/IEC 27001, NIST, PCI-DSS, or Cyber Essentials.
Strong communication and stakeholder engagement skills.
Ability to manage multiple priorities in a fast-paced environment.
