Horsham District Council and Crawley Borough Council are looking for an Information Security Officer to join their Technology Teams, to develop and support the Information Assets Registers, Security Policies, security training and to promote and provide advice and guidance on the security of applications, systems and networked devices.
As Information Security Officer your background will be in information security and information security training. You will be experienced and enthusiastic, and have excellent organisation skills, the ability to work under pressure and to deadlines, along with excellent customer care skills.
Responsibilities will include:
- Analysis of systems and/or applications (on-premise, cloud or supplier managed hosted environments) for security vulnerabilities and advise on how they can be resolved
- Liaising with Council staff and members on cyber/information security compliance and governance and the provision of cyber/information security training using e-learning modules and staff training sessions including informal lunch time staff information sessions.
- Working with Service Designers to ensure that the user requirements designed and built into systems and/or applications meet both security and Technology Strategy requirements for on-premise, cloud or supplier managed hosted environments.
- To keep up with the latest security threats in order to advise and guide the Technology Teams at both Councils on information security advancements and vulnerabilities to maximise the secure implementation of local technology strategies and programmes of work.
- To co-ordinate the annual PSN compliance submissions
- To develop, review and update information security governance, policies, procedures and controls
As Information Security Officer you will be involved in leading and managing all aspects of Information Security Policy development, monitoring and compliance. The role will liaise with the Council’s Data Protection Officer (DPO) and Information Governance Officer regarding the use of and security of information and data assets. To ensure that they deliver in terms of both Councils’ objectives, Technology Strategy and appropriate security and statutory standards and guidelines.
Technical Knowledge / Experience:
- General security best practices
- Security incident response lifecycle processes
- Working knowledge of cloud and on-premise network infrastructure
- Working knowledge of cloud based systems and applications, i.e. SaaS products.
- Working knowledge of information security compliance and training tools, e.g. Phishing Email Simulators
- PSN compliance and Cyber Essentials (Desirable)
- PCI DSS (Desirable)
Although this is a shared post with Crawley Borough Council, as the lead employer, Horsham District Council encourages and supports professional development and offers a generous benefits package to support your work life balance. This includes 27 days’ annual leave plus bank holidays and flexible working arrangements.