Security Compliance Specialist
Based in Berkshire
We have a contract opportunity for a Security professional to join a major telco client, working in their Risk & Security Team.
In this role you will act as the Security Compliance Specialist and will be reporting into the Information Security Manager. This is a pivotal role in developing and managing their security compliance assessment programme, key 3rd parties and partners.
This role forms part of the Risk and Security team. Risk and Security is part of the wider Business Operations function and is accountable for all aspects of security governance and security operations. The team is responsible for managing Information Security, Corporate Risk Management, Business Continuity, and Compliance. This includes setting security policies and standards and providing guidance on their implementation, facilitating the company's compliance with security legislation and standards, managing security incidents and investigations, providing application and infrastructure security monitoring, testing and assurance, access control assurance for critical systems, and security training and awareness.
- You will be assessing internal compliance against established security standards (ISO27001, PCI-DSS and the ND1643 Interconnect Standard) and supporting the Security Compliance Lead in driving a security compliance programme.
- You will be responsible for delivering and reporting on the status of all IT audit recommendations raised by Group and Statutory auditors as part of our security compliance programme.
- You will work very closely with our 3rd parties and partners in assessing and driving their compliance to our control standards.
- You'll be assisting the Security Compliance Lead and Information Security Manager in developing our security & compliance strategy, ensuring its relevance and further ensuring it is in line with established industry standards and legal & regulatory requirements.
- Working with the Information Security Manager and Risk & Business Continuity Manager, you will prepare a security compliance dashboard for discussion and review at our monthly Risk Board.
- In addition, you will be working cross functionally across our business to ensure all business programmes, projects and activities enhance and do not hinder security compliance levels.
- Monitor compliance against security policies and processes & standards.
What we are looking for:
- An experienced Security professional with excellent PCI Compliance and Industry standards knowledge
- Will ideally have either CISA, CISM, PCI QSA or CISSP certification
- Have previously driven PCI compliance across various domains
- Will ideally have worked as an SME in this area before - will need gravitas
- Also have knowledge of Information Security
- Any retail/utilities/ecommerce type company background would be great
- Have excellent communication skills
- An ability to present / chair meetings / interact with 3rd parties
If you would like to be considered, please submit your CV through to firstname.lastname@example.org
Project People is acting as an Employment Business in relation to this vacancy.