£450 per day
Outside
Remote
City of London, UK
Summary: The IT Security Officer role involves leading the ISO 27001 compliance and certification process for a leading client in London, with the option for fully remote work. The position focuses on establishing, implementing, and maintaining an Information Security Management System (ISMS) to safeguard client data and critical business information. The officer will also conduct risk assessments, implement security controls, and engage with stakeholders to enhance the organization's security posture. This is a 12-month contract position classified as outside IR35.
Key Responsibilities:
- Develop and implement a comprehensive ISMS in line with ISO 27001 standards.
- Ensure the confidentiality, integrity, and availability of client data and information systems.
- Conduct risk assessments and apply a risk management process to mitigate cyber threats.
- Provide senior management with confidence that cyber risks are effectively managed.
- Implement security controls to mitigate threats to networks and information systems that support essential services.
- Develop incident response and business continuity plans to ensure the continued operation of critical services.
- Lead internal audits and security assessments to measure compliance and identify areas for improvement.
- Implement Cyber Security Controls, including those defined in the ISO 27001 Standard.
- Identify and protect critical information and communication technology systems and data from cyber threats.
- Implement risk management processes to manage cyber risks and mitigate threats to critical infrastructure and services.
- Conduct risk assessments including asset-based and scenario-based evaluations.
- Update and maintain the asset and risk register.
- Implement an information security risk treatment plan to prevent or reduce undesired effects.
- Continually improve to effectively manage risks.
- Mitigate identified risks using existing technology and processes, supplemented with new technology/process where applicable.
- Implement Information Security policies and standards.
- Define and implement procedures/processes as required by the ISO 27001 Standard and existing Information Security Policies/Standards.
- Engage with stakeholders across IT and business to define and implement controls.
Key Skills:
- Previous IT Security Officer experience.
- Knowledge of ISO 27001 standards.
- Experience in developing and implementing an ISMS.
- Strong understanding of risk management processes.
- Ability to conduct risk assessments and security audits.
- Experience in developing incident response and business continuity plans.
- Familiarity with Cyber Security Controls.
- Strong communication and stakeholder engagement skills.
- Ability to implement information security policies and standards.
- Experience in continual improvement processes for risk management.
Salary (Rate): 450
City: London
Country: UK
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT