Information Security and Assurance Advisor

Information Security and Assurance Advisor

Certain Advantage is recruiting on behalf of an important public sector client for an Information Security & Assurance Advisor to join the team responsible for information governance, security, records management and data protection.

Important Note

Due to the nature of this role supporting multiple sites in the Warwickshire area it is a requirement to have a valid driver's licence. Successful applicants will be subject to national security checks; therefore anyone applying must have lived in the UK for the last five years.

Background

This is an important role ensuring the organisation meets its compliance obligations in the use of the vast amount of data that is collected and processed. You will provide professional guidance and specialist advice with regard to information security and support data protection compliance, ensuring that appropriate controls are identified and implemented to protect personal data. You'll also ensure the organisation is meeting the security assessment framework and strict technical requirements as well as supporting UK GDPR and Data Protection Act 2018 compliance programme. You will also advise on and manage information security incidents and related governance and assurance documentation and reporting requirements.

Responsibilities

• Risk Management, Clarity and Ownership - Work with stakeholders to identify, assess and manage information security risks, ensuring they are clearly understood, owned by the business and reduced to an acceptable level. Ensure risks are well written, consistently defined and assigned to the right owners, translating technical issues into clear business impacts.
• Assurance and Reporting - Provide leadership with clear, honest insight into security risks, highlighting emerging threats and control weaknesses.
• Incident Management and Response - Support effective detection, investigation and response to security incidents, ensuring lessons are learned and controls improved.
• Supplier and Third Party Risk - Manage security risks associated with suppliers and cloud services, ensuring robust requirements are built into procurement and contracts.

Qualifications

Previous experience working within an Information Assurance function where you can demonstrate experience supporting information security risk identification and management, reporting and support of compliance requirements is required.