- Department / Function IT
- Location Cardiff City Centre
- Number of roles available 1
- Salary Competitive Salary
- Closing Date 29/11/2019
The Cyber Security Team is vital protecting the organisation’s personal and commercial information. The team protects the business against a wide variety of threats including data loss, hackers and cyber security attacks. They work across all areas of MotoNovo using our people, processes and technologies to protect us.
As the Information Security Officer you will be responsible for leading activities to ensure appropriate access, confidentiality, integrity and availability of enterprise systems and data through effective security policies, processes and procedures. You will act as Information Security governance, risk and compliance person for all internal and external stakeholders, providing expertise on Information Security policies.
What you will be doing
- Provide advice, guidance, and support to all business areas on Group Information Security compliance, and manage, track and report on exceptions or instances of non-compliance
- Establish and maintain effective working relationships across the business and technology teams to drive good Information Security practices and initiatives
- Regularly formally review and evaluate policies, processes and procedures to ensure they are effective and continuously improved for Information Security
- Manage and monitor all current regulatory, legal, business, contractual and data privacy security requirements, to ensure future requirements are identified, assessed and incorporated
- Design and assist in implementing mechanisms for Information Security education, training and awareness programmes for all staff
- Manage and co-ordinate engagements with internal and external compliance and audit organisations
- Be responsible for Information Security audit actions to ensure they are managed to completion within the required timescales
- Maintain an Information Security risk and control register, risk treatment plans and Information Security improvement plan
- Provide regular governance, risk and compliance reporting utilising risk and key performance metrics and indicators
- Collate response to internal, customer and regulatory requests and due diligence questionnaires with regard to Information Security
- Complete evaluations on new and existing third parties Information Security posture as part of MotoNovo’s due diligence and supplier management processes
What you will need
- Experience within an Information Security role with policy, audit, governance, risk and compliance
- Experience in Policy, process and procedure design, review and implementation
- To have initiative and to be able to recognise policy and process deficiencies and implement effective solution
- To have an understanding of all aspects of Information technology, its operation and implementation (eg. infrastructure, operating systems, applications, Internet)
- Awareness of industry wide good security practice and operation of IT systems, policies, standards and regulations
- A curious mind for solving problems
- Excellent communication and interpersonal skills to enable you to explain technical concepts in a more simple and logical manner and the ability to build lasting relationships across the business and collaborate with a variety of people
- To be able to plan and organise well, with clear direction and an eye for detail
- To be flexible to change
- To be able to work under pressure
- Have a motivated and enthusiastic attitude
What the process looks like
If successful at the application stage, you will be invited to complete a telephone call with the Head of Cyber Security. If this goes well we will then invite you in to complete a face to face interview which will include competency based interview questions and some technical questions. If this goes well we will be asking you to join the team!
This isn’t just an opportunity for us to find out about you, it’s also an opportunity for you to find out about us. So please bring along some questions we will be more than happy to answer them.
We welcome applications from all suitably qualified candidates as we know that Diversity & Inclusion is integral to the success of the company and we are striving to build a company where everyone feels welcome and valued and where differences are embraced.
Please be aware that we reserve the right to close this vacancy early should sufficient applications be received.
Please be aware that you will be required to provide proof of right to work in the UK should you be successful in joining us.
We do not accept speculative agency CVs. Any CV received will be treated as a gift and not eligible for an agency fee. PSL agencies should only send CVs if authorised to do so by the Recruitment team.