Connecting to LinkedIn...

Data Security Expert

Job Title: Data Security Expert
Contract Type: Permanent
Location: Berkshire, England
Salary: Negotiable
Start Date: asap
REF: P/DSE/SARA_1608217710
Contact Name: Sara Rowe
Contact Email:
Job Published: 12 months ago

Job Description

Data Security Expert - Mobile Telecoms - Permanent - Berkshire


· Be responsible for defining and maintain the security policies & standards, manage and mature the ISMS, security standards and security processes

· Have responsibility for managing and maintain the company's security accreditation (currently ISO27001 and CAS(T))

· Support and effectively contribute to the TSR program and the company's compliance

· Lead and manage the internal and external audits as and when required to verify compliance with the company's policies and standards

· Manage security risks and the risk process, ensure risk are well defined and be responsible for budget inputs and costings driven from the risk process

· Provide actionable mitigations and remediations for security non-compliances, issues and actions. Identify opportunities to improve security posture, input into and execute strategy to improve security

· Raise awareness of the policies & standards throughout the company

· Support implementation of security controls, evaluate controls for effectiveness, against risk, budget and lowest impact to business process

· Support the budget process, sizing and estimating budget requirements, provide supporting risk and impact analysis

· Manage security incidents as and when they arise, be responsible for incident logs, risks

· Liaise with other MBNL departments including legal to support DPA/GDPR

· Prepare security updates and reports for the Board and Senior Management Team

· Support management of security suppliers and security aspects of supply chain, including procurement and commercial

· Support liaison with both shareholder security departments to both brief them on progress and issues and to learn from their experiences

· Support BCP and DR from an Information Security perspective

· Review new projects and initiatives for security compliance

· Support security projects with specialist security skills

· Undertake management of security tests (e.g. PEN tests, Red Team) as and when required

· Highlight and analyse trends, providing recommendations for improvements

Undertake security incident response rehearsals and exercises

Essential Skills:

  • Internal audits
  • Running and supporting external audit
  • Risk management
  • Security policies
  • Assembling budgets
  • Threat risk analysis
  • ISO27001
  • Gap Analysis
  • Must have a relevant security qualification i.e. CISSP, CISM

Project People is acting as an Employment Agency in relation to this vacancy.