Information Security GRC Officer

Overview

· Help oversee Altrata’s Information Security risk program and supporting processes

· Facilitate Information Security risk assessments and actively identify risks to our organisation

· Maintain our SOC2 accreditation

· Manage our project to implement ISO27001

· Maintain and improve security documentation (policies, standards, FAQs etc.)

· Take a leading role with our Business Continuity and Disaster Recovery programs

· Prepare reports on the status of the information security program to senior management

· Provide security awareness training to all business areas

· Support third party risk management activities

· Support with client assurance/due diligence requests

Ideal Candidate

· 5+ years in industry coming from a GRC background

· Exceptional communication skills, manging and influencing stakeholders at all levels, including Executive Leadership

· Experience running ISO27001 / SOC2 projects, demonstrating that you have experience in implementing security controls and maintaining security compliance in accordance with industry standards.

· Experience managing Disaster Recovery/Business Continuity Plans/Tests and ensuring they are kept up to date and relevant for our clients and auditors

· Strong understanding of information security risk management methodologies and processes

· Experience in identifying, assessing, and managing security risks within an organisation.

· Good understanding of security controls and how to use them to mitigate risks. This includes high-level knowledge of technical security controls as well as administrative controls such as policies and procedures.

Key Information –

- Salary up to £70k with a competitive package

- 10% target bonus scheme

- Start date: 26th May

- Remote working – option available to work on site in London

- No sponsorship

- Must pass background and reference checks

- Certifications aren’t key but ISO27001 Lead Implementer or other relevant certifications would be desirable (CISA etc.)