Job Description

Posted 1 week ago

Information Security Officer required by a rapidly expanding, software house based in Cardiff. This is a hybrid role with 1-2 days a week onsite with flexibility.

The Information Security Officer will be integral to protecting our client’s information assets. The successful candidate will require a combination of technical expertise, strategic thinking, and effective communication to successfully safeguard against ever-evolving cyber threats.

Main Responsibilities:

* Create and implement policies and procedures to protect sensitive information.

* Ensure compliance with legal and regulatory requirements.

* Identify and assess security risks to the organisation’s information assets.

* Develop and implement strategies to mitigate these risks.

* Educate employees about security policies and best practices.

* Conduct regular training sessions to keep staff informed about new threats and security measures.

* Develop and manage incident response plans to handle security breaches.

* Coordinate with IT and other departments to respond to and recover from security incidents.

* Monitor networks and systems for security breaches.

* Analyse security logs and reports to identify potential threats and vulnerabilities.

* Work with other executives and stakeholders to ensure security measures align with business objectives.

* Communicate security issues and recommendations to senior management and the board of directors.

* Stay updated with the latest security trends, technologies, and regulatory requirements.

* Continuously improve the organization's security posture through research and adopting new solutions.

Ideal Background:

* Strong understanding of IT infrastructure, network security, and cybersecurity principles.

* Familiarity with various security frameworks and standards such as ISO 27001, NIST, and CIS.

* Ability to analyse complex information and identify key security risks.

* Strong problem-solving skills to address and mitigate security threats.

* Excellent written and verbal communication skills to effectively convey security information to non-technical stakeholders.

* Ability to present complex security concepts in a clear and concise manner.

* Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CEH (Certified Ethical Hacker) are often preferred or required.

* A relevant bachelor's or master's degree in information technology, computer science, cybersecurity, or a related field (Desirable)

This fantastic role comes with a competitive basic salary and is accompanied with a 10-15% annual bonus, 25 days paid holiday, a flexible pension scheme, flexible working opportunities, childcare vouchers, 6 months maternity leave, continued investment in your career, Bike to Work, discounts and many more

Skills: