Information Security Officer - Basingstoke | Zoek UK
This Browser does not support all the features of .
For the best experience please use a Modern Browser.
Information Security Officer
Basingstoke, Hampshire, England
80000.0000 - 85000.0000
Permanent (Full time)
We have a fantastic opportunity for an Information Security Officer to join Sovereign. You’ll lead our approach to information security across the organisation, creating a culture where information security is well understood and managed, enabling Sovereign to deliver on its goals and objectives.
As a leading Housing Association, we are committed to providing quality, affordable homes and services within sustainable, successful communities. We're led by our values and driven by a strong social purpose, placing our residents at the heart of everything we do.
What you'll be doing:
Reporting to the Audit and Risk Director but also being accountable to the Executive Board, you’ll be responsible for establishing, developing and maintaining our cross-organisation approach to information security.
Working proactively across the whole organisation, particularly with teams that are pivotal to our information security, you’ll create a structured approach to ensuring our infrastructure, processes and culture adequately protect Sovereign’s information assets on behalf of our customers, employees and other stakeholders.
- Developing and implementing an information security vision and strategy across the organisation which aligns to our strategic goals, working closely with IT Security and Data Protection colleagues
- Creating and continually keeping up to date an information security management framework based on leading good practice. Clearly identifying differing roles and responsibilities related to information assets in the business
- Facilitating an information security governance structure, forming an information security steering committee or advisory board. You’ll build knowledge and awareness about the importance of information security across the organisation
- Coordinating with other providers of assurance in the organisation to create a risk-based process to assess and mitigate any information security risks. You’ll manage and contain any information security incidents and events to protect Sovereign’s information security assets
- Working with CIO Enterprise Architecture, IT Security and Data Governance teams to build alignment between the management of information security and enterprise reference architectures, ensuring that information security requirements are implicit in these architectures and in associated design and delivery principles
- Creating a reporting framework to measure the efficiency and effectiveness of the information security capability
What we need from you:
We’re looking for a leader with demonstrable information security expertise and a vision of what good looks like. You’ll have a sound knowledge of business management and working knowledge of the role technologies and digital play in an organisation’s ecosystem.
To be successful in this role you’ll need:
- To be a thought leader on information security and influencer, effectively collaborating with a range of stakeholders, achieving strategic aims through others
- The ability to work effectively by coordinating activities across multiple functions with competing priorities to mature our information security capability at pace
- Knowledge of internal and external business environments with an understanding of IT and working knowledge of cybersecurity technologies
- Excellent written and verbal communication skills with the ability to clearly articulate the impact of information security on Sovereign to stakeholders at all levels, including the Board, Executive management and colleagues working at the front lines of the organisation
- To be a critical thinker, with strong problem-solving skills. Motivated by opportunities for transformation and overcoming any challenges in implementation
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
- Professional security management certification is desirable but not essential; such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
We're all working from home at the moment, however with offices in Basingstoke, Newbury and Christchurch we can be flexible on your base location when we do start to safely return to the workplace. In time, there may be some travel required between our offices and sites so you should be comfortable with this and have access to transport.
It's a fantastic time to join us at Sovereign. We have an ambitious corporate plan to deliver an inspiring agenda of change and growth in a sustainable way. You'll be joining a highly skilled team at the forefront of driving these improvements and we'd love to hear from you to explore your skills and experience further.