£45,000 to £50,000

Information Security Advisor

Ref: 378 | Posted: 2nd Sep 2019

This vacancy is now closed

Durham Professional Services is looking to recruit an Information Security Advisor to be based with our client in the centre of Glasgow. This international client is looking for a skilled ISA to join their team, working on challenging and fast-paced projects.

The role of the Information Security Advisor is to identify information security risks across our client’s entire organisation (including products, systems, metadata, people and processes), assess these risks and partner with operational teams to ensure that effective controls are in place to manage them.

Working closely with colleagues in the Privacy Office, the post-holder will be a member of the Corporate Assurance team and will play a major role in delivering the strategic mission of promoting the highest ethical and governance standards across the organisation.

The Job

On a day-to-day basis, you’ll be involved in the following:

  • Working collaboratively with colleagues across ACCA (especially in the Privacy Office and Cyber Security team), provide expert advice across operations on matters relating to information security, ensuring consistent interpretation of the client’s information security policy requirements and alignment with the over-arching enterprise risk management framework. 
  • Support operational business areas and projects as necessary in undertaking third-party information security due diligence and supplier assessments.
  • Design, implement, review and monitor an annual information security plan, including regular review of the information security governance framework that encompasses the necessary roles, processes, management information and technology in support of the information security risk management needs of the client.
  • Monitor and report on information security compliance to internal and external stakeholders as necessary, including supporting the client Director with information security reporting requirements to the client’s Audit Committee.
  • Develop, implement and maintain mechanisms to deliver appropriate levels of awareness regarding information security, and promote and instill an information security culture that is consistent with and aligned to the organisation’s wider enterprise risk appetite and data privacy maturity program.


The Person

Ideally, we’re looking for someone who has:

  • A university degree, equivalent higher education or equivalent relevant work experience
  • Ideally, a relevant professional qualification (held or actively being worked towards) such as CISA, CISM, CISSP or ISA (PCI)
  • A relevant track record of delivering Information Security advice and expertise in a diverse corporate environment
  • Knowledge of information security standards and methodologies
  • Knowledge of the Payment Card Industry Data Security Standard (PCI DSS), which is desirable
  • Strong interpersonal skills with the ability to collaborate at all levels both internally and externally
  • A proactive and enthusiastic approach, with the ability to work on their own initiative and meet strict deadlines