Information Security Officer required by a rapidly expanding, software house based in Cardiff. This is a hybrid role with 1-2 days a week onsite with flexibility.
The Information Security Officer will be integral to protecting our client's information assets. The successful candidate will require a combination of technical expertise, strategic thinking, and effective communication to successfully safeguard against ever-evolving cyber threats.
Main Responsibilities:
- Create and implement policies and procedures to protect sensitive information.
- Ensure compliance with legal and regulatory requirements.
- Identify and assess security risks to the organisation's information assets.
- Develop and implement strategies to mitigate these risks.
- Educate employees about security policies and best practices.
- Conduct regular training sessions to keep staff informed about new threats and security measures.
- Develop and manage incident response plans to handle security breaches.
- Coordinate with IT and other departments to respond to and recover from security incidents.
- Monitor networks and systems for security breaches.
- Analyse security logs and reports to identify potential threats and vulnerabilities.
- Work with other executives and stakeholders to ensure security measures align with business objectives.
- Communicate security issues and recommendations to senior management and the board of directors.
- Stay updated with the latest security trends, technologies, and regulatory requirements.
- Continuously improve the organization's security posture through research and adopting new solutions.
**Ideal Background:
- Strong understanding of IT infrastructure, network security, and cybersecurity principles.
- Familiarity with various security frameworks and standards such as ISO 27001, NIST, and CIS.
- Ability to analyse complex information and identify key security risks.
- Strong problem-solving skills to address and mitigate security threats.
- Excellent written and verbal communication skills to effectively convey security information to non-technical stakeholders.
- Ability to present complex security concepts in a clear and concise manner.
- Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CEH (Certified Ethical Hacker) are often preferred or required.
- A relevant bachelor's or master's degree in information technology, computer science, cybersecurity, or a related field (Desirable)
This fantastic role comes with a competitive basic salary and is accompanied with a 10-15% annual bonus, 25 days paid holiday, a flexible pension scheme, flexible working opportunities, childcare vouchers, 6 months maternity leave, continued investment in your career, Bike to Work, discounts and many more.