25 days ago
only 3 days until close

Information Security Officer/DPO


Lookers
Salary: Negotiable
Location: Manchester
Job type: Permanent
Contact: Jayne McKerral
Category: Finance Office Jobs

Information Security Officer/DPO,

Finance Department, Lookers Head Office, Manchester

Contract Type: Permanent

Main Duties and Responsibilities

Data Security Management Framework

The IS/DPO is responsible for documenting our governance and control framework in respect of Data Security and ensuring that our information security strategies are aligned with and support business objectives and are consistent with applicable laws and regulations through adherence to policies and internal controls, covering such areas as:

· Access Controls

· Data Handling

· Malware Protection

· System Configuration

· Personnel Security

· Physical Security

· Business Continuity Plans

· Third Party Security

· Regulatory compliance

· Change management

Communication

The IS/DPO is also responsible for communicating our approach to cyber risk management throughout the Group and communicating the value of security and our processes to our employees.

Security Incidents

The IS/DPO has responsibility for handling reported security incidents, identifying root cause and playing a lead role in crisis management and advising on threat detection. The IS/DPO will define the processes to protect us against network attacks and other cyber-crime.

Audit Framework

The IS/DPO will be expected to create an audit framework and conduct internal audits to verify compliance with Information Security policies and standards and advise where remedial actions are required, highlighting where these are not in line with our risk appetite.

Risk Assessments

The IS/DPO has responsibility for carrying out Information Security Risk Assessments and Data Privacy Impact Assessments, keeping the Risk Register up to date and providing risk-based management information to the Business.

Data Protection

The IS/DPO will manage our GDPR programme including:

· Carrying out an information audit and data and asset mapping/information flows

· Identifying and documenting the legal basis on which we are processing information

· Updating fair processing notices

· Assisting with the maintenance of a customer database with current marketing preferences

· Monitoring compliance with the data retention and destruction policy

· Implementing a data breach response plan; being the point of contact with the ICO, maintaining a breaches log and reporting to the ICO

· Carrying out a data protection impact assessment when appointing a new data processor and ensuring data processing agreements are entered into, advising on cross border data transfers and termination of data processing agreements

· Taking responsibility for DSARs and management of the Right to be Forgotten

Key Skills and Qualifications

· A security certification such as CISSP/CISM/CISA/CISMP.

· Strong academic record, to degree level or equivalent industry experience

· Be fully conversant with ISO27001 information security standard and PCI-DSS

· Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and new security technologies

· A passion for technology and security safeguarding with a desire to deliver

· Thrives on change, showing an impressive ability to drive the IT security strategy forward

· Analytical mind capable of managing numerous information sources and providing analysis and reports to senior management

· Strong customer focus - able to meet the demands of internal and external customers

· Excellent communication skills - providing verbal and written communication that is understandable and engaging to senior management and colleagues

· Flexible and adaptable - capable of changing direction where required and showing flexibility to meet new demands

· Forms business partnerships that help drive the IT security strategy forward

· Can make decisions that are well informed and timely

· Creative thinking - able to look at alternatives and consider new ways of thinking to problem solve

· Multi-tasking - can manage several concurrent projects and prioritise demands

· Knowledge of risk analysis and risk management methodologies

Why us...?

In recognition of the hard work, flexibility and commitment of our people we have recently introduced a new and improved industry leading benefits package. This includes competitive basic salaries, enhanced holidays that increase with service, critical illness cover after 2 years, one year fully paid maternity leave for women and for some roles a company car and high earning potential through commission or bonus.

