Principal Information Assurance Officer
Posted 3 days ago
- Donnington, Berkshire
- Any
- External
- Expires In 3 months
Principal Information Assurance Officer | Telford | req119451
As part of our Kuehne+Nagel Government and Defence (KNGD) contract we have an exciting opportunity to be part of something very special. We are looking for a Principal Information Assurance Officer who will ensure that Kuehne+Nagel comply to the appropriate IT Security Policies and Procedures.
YOUR ROLE
As the Principal Information Assurance Officer you will play a pivotal role in maintaining compliance with customer's information security frameworks, standards and ISO 27001. You will provide expert advice, guidance, oversight and supervision of information security controls and systems to protect the availability, integrity and confidentiality of customer and company assets both in storage and in transit. Acting as a Subject Matter Expert, you will provide advice and guidance on a wide variety of information security issues, concerns for the contract to ensure that it meets all relevant obligations and will maintain effective links between data privacy, legal, regional/global and UK information security. The role will be predominately located out of our site in Donnington, Telford however the role is suitable for hybrid working as long as you can commit to commuting to Donnington and other locations when required
YOUR RESPONSIBILITIES
Develop and maintain documentation, guidelines, standards, processes, policies and any other relevant material in line with ISO27001 and customer security frameworks and standards
Input into Business Continuity/Disaster Recovery strategies regarding information security (ISO 27001 and ISO 22301) requirements
Plan and implement company wide information security training and security awareness for all staff
Manage security incidents and conduct security reviews/audits
Lead internal and external information security audits and reviews and work closely with external auditors to pre-empt, mitigate, and swiftly respond to any audit findings that require action
Ensure that relevant personnel are kept informed of developments in compliance, regulatory changes, customer / government requirements and any other news relevant to the function, customers and Kuehne + Nagel
Maintain the accreditation of key systems within the contract using a bespoke six-step process
Lead investigations following security incidents and preparation of associated reports
Lead Information Security Management meetings, which will include technical experts
Maintain the Security risk register and write risk assessments
Ensure the effectiveness of the vulnerability management programme by taking action based on the threat landscape, customer requirements and regulatory changes
Engage with external customers, suppliers, and other stakeholders to determine contractual, regulatory or operational requirements
YOUR SKILLS AND EXPERIENCES
Previous experience of working in Information Security
CISM or equivalent (plus desirable to have membership of Institute of Information Security Professionals (IISP) or British Computer Society (BCS) at Associate or Full member)
CompTIA Security+ Certification is desirable
Experience of ISO 27001 (preferably certified at ISO 27001 Implementation or Lead Auditor)
Understanding and experience of HMG information, physical and personnel security requirements (e.g. Security Policy Framework or CPNI policies)
Demonstrable experience in an area of technical information security (e.g. Operating Systems, Application & Network security)
Experience of building and maintaining an Information Security Management System (ISMS)
Knowledge and experience with Business Continuity/Disaster Recovery (ISO 22301)
Information Technology Infrastructure Library (ITIL) security management certification or knowledge is desirable
Solid understanding of the risk management lifecycle
Ability to gain HMG SC clearance, otherwise willing to undergo SC vetting
Great verbal and written communication skills with the ability to build effective relationships with key stakeholders
GOOD REASON TO JOIN
As well as our competitive pay rates and superb training opportunities, we also offer a great working environment. You will be respected and valued if you work for us and have genuine opportunities to progress and develop.
26 days holidays plus bank holidays
2 volunteering days per year
3 x Life Assurance Option if you join the KN Route2 pension scheme
A tailored personal development and training programme.
Trusted and empowered to deliver and be your best.
We are happy to talk about flexible working. Please ask about alternative patterns of work at interview.
Enhanced Maternity/Paternity Leave
Childcare Vouchers
Cycle to work scheme
Discount on high street stores and local supermarkets (Tesco, Asda, Sainsburys & more)
Refer a friend scheme As proud holders of the Gold Covenant, we are a forces-friendly employer who recognise the skills, expertise and value service leavers bring to our organisation
ABOUT KUEHNE+NAGEL
With over 80.000 employees at some 1,300 locations in over 100 countries, the Kuehne+Nagel Group is one of the world's leading logistics companies.
TPBN1_UKTJ
As part of our Kuehne+Nagel Government and Defence (KNGD) contract we have an exciting opportunity to be part of something very special. We are looking for a Principal Information Assurance Officer who will ensure that Kuehne+Nagel comply to the appropriate IT Security Policies and Procedures.
YOUR ROLE
As the Principal Information Assurance Officer you will play a pivotal role in maintaining compliance with customer's information security frameworks, standards and ISO 27001. You will provide expert advice, guidance, oversight and supervision of information security controls and systems to protect the availability, integrity and confidentiality of customer and company assets both in storage and in transit. Acting as a Subject Matter Expert, you will provide advice and guidance on a wide variety of information security issues, concerns for the contract to ensure that it meets all relevant obligations and will maintain effective links between data privacy, legal, regional/global and UK information security. The role will be predominately located out of our site in Donnington, Telford however the role is suitable for hybrid working as long as you can commit to commuting to Donnington and other locations when required
YOUR RESPONSIBILITIES
Develop and maintain documentation, guidelines, standards, processes, policies and any other relevant material in line with ISO27001 and customer security frameworks and standards
Input into Business Continuity/Disaster Recovery strategies regarding information security (ISO 27001 and ISO 22301) requirements
Plan and implement company wide information security training and security awareness for all staff
Manage security incidents and conduct security reviews/audits
Lead internal and external information security audits and reviews and work closely with external auditors to pre-empt, mitigate, and swiftly respond to any audit findings that require action
Ensure that relevant personnel are kept informed of developments in compliance, regulatory changes, customer / government requirements and any other news relevant to the function, customers and Kuehne + Nagel
Maintain the accreditation of key systems within the contract using a bespoke six-step process
Lead investigations following security incidents and preparation of associated reports
Lead Information Security Management meetings, which will include technical experts
Maintain the Security risk register and write risk assessments
Ensure the effectiveness of the vulnerability management programme by taking action based on the threat landscape, customer requirements and regulatory changes
Engage with external customers, suppliers, and other stakeholders to determine contractual, regulatory or operational requirements
YOUR SKILLS AND EXPERIENCES
Previous experience of working in Information Security
CISM or equivalent (plus desirable to have membership of Institute of Information Security Professionals (IISP) or British Computer Society (BCS) at Associate or Full member)
CompTIA Security+ Certification is desirable
Experience of ISO 27001 (preferably certified at ISO 27001 Implementation or Lead Auditor)
Understanding and experience of HMG information, physical and personnel security requirements (e.g. Security Policy Framework or CPNI policies)
Demonstrable experience in an area of technical information security (e.g. Operating Systems, Application & Network security)
Experience of building and maintaining an Information Security Management System (ISMS)
Knowledge and experience with Business Continuity/Disaster Recovery (ISO 22301)
Information Technology Infrastructure Library (ITIL) security management certification or knowledge is desirable
Solid understanding of the risk management lifecycle
Ability to gain HMG SC clearance, otherwise willing to undergo SC vetting
Great verbal and written communication skills with the ability to build effective relationships with key stakeholders
GOOD REASON TO JOIN
As well as our competitive pay rates and superb training opportunities, we also offer a great working environment. You will be respected and valued if you work for us and have genuine opportunities to progress and develop.
26 days holidays plus bank holidays
2 volunteering days per year
3 x Life Assurance Option if you join the KN Route2 pension scheme
A tailored personal development and training programme.
Trusted and empowered to deliver and be your best.
We are happy to talk about flexible working. Please ask about alternative patterns of work at interview.
Enhanced Maternity/Paternity Leave
Childcare Vouchers
Cycle to work scheme
Discount on high street stores and local supermarkets (Tesco, Asda, Sainsburys & more)
Refer a friend scheme As proud holders of the Gold Covenant, we are a forces-friendly employer who recognise the skills, expertise and value service leavers bring to our organisation
ABOUT KUEHNE+NAGEL
With over 80.000 employees at some 1,300 locations in over 100 countries, the Kuehne+Nagel Group is one of the world's leading logistics companies.
TPBN1_UKTJ