Information Security Officer

Apply for this role

In a Nutshell

Reporting to the Head of Information Security the Information Security Officer will be responsible for acting as a subject matter expert on Information Security across the entire organisation and growing global customer base.

Provide focus on security topics and continuous improvement for security across multiple locations.

Responsibilities

  1. Support a high functioning information security in multiple locations
  2. Help drive a security culture, working to continually improve in accordance with business requirements
  3. Proactively refine an information security framework and best practice ways of working into teams across the business to develop maturity around approach and understanding security responsibilities and principles.
  4. Work with a network of external partners to optimise the service model
  5. Support the delivery of effective governance and reporting across the information security function as well as any projects/actions/issues
  6. Maintain proactive and regular interactions with senior client representatives.
  7. Support all information security initiatives
  8. Identify and address gaps in information security
  9. Provide guidance in terms of technologies, techniques, and methodologies for Information Security
  10. Develop (where necessary) and maintain ENSEK’s information security policies, processes and procedures.
  11. Facilitate Information Security training and support for Learning and Development
  12. Support the Information Security Impact Assessments (ISIAs) and ensure that all necessary updates to existing ISIAs take place as appropriate
  13. Act as the primary contact for notification of incidents and breaches
  14. Coordinating security improvement working groups
  15. Involvement in client bids and tenders, as well as ongoing due diligence in respect of all suppliers and business partners.
  16. Assure all aspects of ENSEK security and privacy with security frameworks (e.g. ISO27001, PCI DSS, NIST).
  17. Supporting an audit service, leading the internal and external audits as part of a wider and regular audit programme

OTHER RELEVANT DUTIES

  1. To ensure compliance with required training and any associated documentation
  2. To maintain a broad understanding of practices and developments relevant to the energy sector and your area of specialism
  3. To promote and maintain a positive, results orientated work environment, building partnerships and teamwork across ENSEK
  4. The position may involve other duties appropriate to the role

Key Skills

TECHNICAL SKILLS

  1. Security qualifications and certifications (such as CISSP, CISM, CISA or equivalent) and ITIL service management qualifications.
  2. Experience of security audits – ISO 27001, SOC1, SOC2, PCI-DSS and others
  3. Experienced Information Security Officer, understands and appreciates intricacies of security and leading troubleshooting situations
  4. Confident in the use of security tools and techniques that are appropriate for the situation, partnered with dynamism and flexibility to achieve the right outcomes
  5. Expert in reporting and communication security reports and processes to business stakeholders and other resources
  6. Proven experience in working for a fast-paced product-led tech business
  7. Confidently manage stakeholder expectations
  8. Experience of implementing security capabilities including structure, procedures and best practice
  9. Experience of working in complex, multi-priority matrix organisations, with expertise dealing with both technical and other stakeholders
  10. Take a collaborative approach and foster strong working relationships across other departments within ENSEK

PERSONAL SKILLS

  1. Ability to drive and respond quickly to changing demands
  2. Willingness to work in a fast-moving matrix environment and values the importance of teamwork
  3. Ability to demonstrate discretion and handle confidential information sensitively.
  4. Excellent communicator with the ability to influence senior decision-makers across the business
  5. Strong stakeholder management and influencing skills, demonstrating outstanding levels of diplomacy and tact
  6. A flexible attitude and able to thrive in a high pressure environment
  7. Proven ability to manage multiple third-party supplier relationships
  8. Successful track record of working within geographically diverse functions
  9. Take personal responsibility for organising day to day workload.
  10. Work independently and proactively.
  11. Experience in Energy/Utilities would be advantageous but not essential