Security Strategist
We are seeking a skilled Security Strategist to lead our information security initiatives. This role will be responsible for defining and implementing best practice information security policies, standards, and processes based on ISO 27001.
Key Responsibilities:
• Maintain our ISO 27001 certification and ensure ongoing compliance with regulatory requirements.
• Provide security architecture advice and guidance to technical teams, ensuring the implementation of defence in depth and security by design principles.
• Manage and deliver new information security programmes, including risk assessments, threat analyses, and mitigation strategies.
• Implement Governance, Risk, and Compliance (GRC) controls and measures to protect systems and data, and verify current digital solutions and processes are in line with current policies and modern secure technologies.
• Develop and maintain information security policies, standards, and guidelines, and contribute to the development of digital strategies to address information security risks.
• Collaborate with business, internal IT, and third-party vendor teams to promote and adopt security best practices, and provide information security support to current and future IT projects.
Requirements:
• Good knowledge of managing an ISO 27001 Information Security Management System and a minimum of 5 years' experience working in information security.
• Understanding of GDPR and Data Privacy Impact Assessment, as well as monitoring and reporting on compliance with security and data protection policies.
• Strong understanding of Microsoft M365, Power Platform, Copilot, and Azure security, and the ability to carry out technical security audits, triage security incidents, and develop security hardening standards.
• Familiarity with Zero Trust technologies and architectures, and a degree or equivalent in Information Security, Computer Science, Engineering, or a similar field.
• Recognised security certification such as CISSP, CISP, or CISA is desirable.
What We Offer:
• A dynamic and inclusive work environment that values mutual respect and belonging.
• Opportunities for professional growth and development, and a commitment to Corporate Responsibility and Sustainability.
• Flexible working arrangements and a strong organisational culture that supports work-life balance.