SECURITY COMPLIANCE SPECIALIST - CISA / ISO, Audit / Assurance

Placed: 30/11/17
Region: Berkshire
Category: Jobs


Content of the advertisement:

Working for a major telecoms organisation, you will be responsible for developing and managing a high profile security compliance assessment programme.

Role

This role forms part of the Risk and Security team. Risk and Security is part of the wider Business Operations function and is accountable for all aspects of security governance and security operations across the business. We are responsible for managing Information Security, Corporate Risk Management, Business Continuity, and Compliance. This includes setting security policies and standards and providing guidance on their implementation, facilitating compliance with security legislation and standards, managing security incidents and investigations, providing application and infrastructure security monitoring, testing and assurance, access control assurance for critical systems, and security training and awareness.

* You will be assessing internal compliance against established security standards, ISO27001, PCI-DSS and ND1643 Interconnect Standard and support the Security Compliance Lead in driving the security compliance programme.
* You will be responsible for delivering and reporting on the status of all IT audit recommendations raised by Group and Statutory auditors as part of our security compliance programme.
* You will work very closely with our 3rd parties and partners in assessing and driving their compliance to our control standards.
* You'll be assisting the Security Compliance Lead and Information Security Manager in developing our security & compliance strategy, ensuring it's relevance to the business and further ensuring it is in line with established industry standards and legal & regulatory requirements.
* Working with the Information Security Manager and Risk & Business Continuity Manager, you will prepare a security compliance dashboard for discussion and review at our monthly Risk Board.
* In addition, you will be working cross functionally across our business to ensure all business programmes, projects and activities enhance and do not hinder security compliance levels.
* Monitor compliance against security policies and processes & standards.

Responsiblities

* Assist in the development and implementation of the control frameworks to meet business and regulatory requirements (Legal, DPA, PCI etc), from concept to implementation e.g. controls design, testing regimes and risk treatment plans
* Develop and manage our security compliance programme, metrics and dashboard for monthly business reporting
* Establish our current security compliance baseline and a 3 year rolling business plan
* Perform prioritised security compliance reviews (internally, third parties and partners) to assess compliance against established standards and legal & regulatory requirements
* Articulate findings, recommendations following each security compliance review in a business friendly report
* Monitor the progress of agreed recommendations through our Risk Board activity
* Work with our Group companies to ensure alignment in approach and share best practice
* Assess and monitor compliance against our security policies and processes
* Review activities performed by other internal Security teams to ensure an aligned approach to enhance the level of security compliance
* Remain current by attending industry events and represent Information Security Compliance and Governance in appropriate forums

Experience

* Significant, demonstrable, experience within a security compliance or security management role
* Proven experience of designing, managing and driving a security compliance programme
* Experience of proactively managing and driving business change through stakeholder engagement and management
* Security Certification such as CISSP, CISM, PCI QSA, certified ISO27001 Lead Auditor or CISA
* Being articulate and capable of explaining technical issues simply both verbally and in writing
* Self-starter with the ability to work independently when needed, and as part of a high performing team
* Strong communication skills, verbal, written and inter-personal communication skills
* Ability to multi-task and work on projects concurrently and under tight deadlines
* Must be detail oriented and customer focused with excellent, prioritisation, time and task management skills
* Enthusiastic, with a drive to continue learning and developing new skills
* Focused on delivering good customer service - responding to requests within required timeframes, proactively providing regular updates, driving rapid resolution of requests
* Defining and delivering continuous service improvement, whilst ensuring continued delivery of BAU services

Project People is acting as an Employment Business in relation to this vacancy