About the job
Are you a risk and security professional with an interest in and aptitude for technology? Looking for an opportunity to implement and apply risk and security practices in a way that actually makes a difference to the business?
We are seeking someone with energy and experience to own and oversee the program of activities that will keep our client's business secure and compliant for the benefit of staff, partners and customers. This is your chance to really assess the business context, make sensible, appropriate recommendations suitable for a modern tech company, and see them through.
You have experience with ISO27001 and have worked in a similar role for an organisation.
The role is based in Glasgow and reports to the VP Operations.
Key Responsibilities

Business Improvement Champion
- Sophisticated approach to information security, risk management, data protection and continuous improvement
- Enthusiasm to educate the business and link security & risk activities to business outcomes
- Raise awareness and influence stakeholders in the business to effect change and promote a continuous improvement mindset

ISO 27001
- Run the corrective actions register and drive actions
- Lead the IS Forum, including prepare agenda, minutes, reports
- Update risk register. Conduct risk assessments & applicability to our business
- Run information security management system (ISMS)
- Manage internal & external audits
- Report to management on ISMS
- Provide consultation and guidance to managers re: IS practices
- Scan and update the business on applicable legislation and regulation
- Maintain documents and policies related to ISMS

Customer vendor risk assessment and procurement processes
- Respond to customer IT & Risk assessment requests (written and F2F)
- Maintain information to support sales and marketing
- Drive initiatives to proactively anticipate customer requirements
- Input to product development, to address risks, security, client expectations

Data Protection
- Ensure compliance with data protection legislation
- Maintain documents, policies related to data protection
- Conduct PIAs and consult to other areas conducting them in the business
- Point of contact in the business for data protection queries
Skills, Experience, Mindset
- Self-starter, able to work to deadlines with a positive attitude
- Willing to take responsibility, make decisions and recommendations
- Sophisticated understanding of risk based approaches in a fast paced tech business
- Prior responsibility for completing vendor risk assessments as vendor to banks
- Understanding of cloud software and considerations for risk and security
- Experience overseeing an Information Security Management System
- Achieved and/or maintained an ISO 27001 certification
- Understanding of data protection regulations and implications for compliance
- Natural interest in technology, ability to independently problem solve
- Experience implementing change programs and influencing stakeholders
- Excellent written and oral communication and presentation skills
- Confidence and experience interacting with customers and senior stakeholders
- Bonus: experience with Salesforce and Google Business Suite
Additional Information
We offer a great place to work in a fun, dynamic environment with a totally committed team.
You may be eligible to take part in our Employee Share Options Plan.
Apply now via the link below or email #####@######.###