Responsible for the management of, and provision of expert advice on, the selection, design, justification, implementation and operation of information security controls and management strategies to maintain the confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.
Establishing standards and processes for the management of information security in compliance and applicable legislation and standards.
Building a culture of effective information security.
Updating the information security strategy and taking responsibility for the assessing and managing information security risk, particularly IT security risk.
Sound understanding of information security concepts and technologies, e.g. Encryption of data in transit and at rest, Security information and Event Management and Identity and Access Management.
Demonstrable experience of working with and leading on the implementation of information security standards (such as ISO 27000 or O-ISM3).
Experience of successfully introducing a new Information Security programme within an organisation.
Good communication skills, including the ability to convey information security concepts in accessible and engaging terms.
Strong problem-solving skills.
ITIL V3 foundation or Intermediate certified Experience.