Summary: The IT Security Officer role involves leading the ISO 27001 compliance and certification process for a leading client in London, with the option for fully remote work. The position is focused on establishing and maintaining an Information Security Management System (ISMS) to protect client data and ensure the resilience of information systems. The role requires a proactive approach to risk management and the implementation of security controls to safeguard critical business information. This is a 12-month contract position classified as outside IR35.

Key Responsibilities:

• Develop and implement a comprehensive ISMS in line with ISO 27001 standards.
• Ensure the confidentiality, integrity, and availability of client data and information systems.
• Conduct risk assessments and apply a risk management process to mitigate cyber threats.
• Provide senior management with confidence that cyber risks are effectively managed.
• Implement security controls to mitigate threats to networks and information systems that support essential services.
• Develop incident response and business continuity plans to ensure the continued operation of critical services.
• Lead internal audits and security assessments to measure compliance and identify areas for improvement.
• Implement Cyber Security Controls including those defined in ISO 27001 Standard.
• Identify and protect critical information and communication technology systems and data from cyber threats.
• Implement risk management processes to manage cyber risks and mitigate threats to critical infrastructure and services.
• Conduct risk assessments including asset-based and scenario-based evaluations.
• Update and maintain asset and risk register.
• Implement an information security risk treatment plan to prevent or reduce undesired effects.
• Continual improvement to effectively manage risks.
• Mitigate identified risks using existing technology and processes, supplemented with new technology/process where applicable.
• Implement Information Security policies and standards.
• Define and implement procedures/processes as required by ISO 27001 Standard and existing Information Security Policies/Standards.
• Engage with stakeholders across IT and business to define and implement controls.

Key Skills:

• Previous IT Security officer experience.
• Strong knowledge of ISO 27001 standards.
• Experience in developing and implementing ISMS.
• Proficiency in risk assessment and management processes.
• Ability to implement security controls and incident response plans.
• Experience in conducting internal audits and security assessments.
• Strong communication skills to engage with stakeholders.
• Knowledge of cyber security controls and best practices.

Salary (Rate): 450

City: London

Country: United Kingdom

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: Mid-Level

Industry: IT