Information Security Specialist - GRC

Audit and Risk Recruitment is assisting a prestigious higher education institution in recruiting an Information Security GRC Specialist.

Reporting to the Head of Information Security, you will work alongside a collaborative InfoSec team to implement, maintain, and assure the information security policy framework, ensuring it is aligned to university objectives, legislative requirements, and industry good practice.

The team supports in excess of 100 departments across the university, so you will gain considerable exposure and understanding across domains.

There will be training provided so those with even just limited experience in information security, cyber security, or auditing (compliance or technical focused) are encouraged to apply.

Additionally, communication skills will be key: you will frequently engage with senior stakeholders to positively influence and convey complex technical issues to a non-technical audience at a senior level.

Key responsibilities

  • Implement and maintain the information security policy framework including policy, standards and guidance in accordance with all relevant regulatory, legal, corporate, and third-party security requirements.
  • Monitor university-wide compliance against the information security policy framework, advise on levels of risk due to non-compliance, and assign and track progress against mitigating actions.
  • Create reports on risk and compliance for senior stakeholders across the University including appropriate risk mitigation strategies and improvement plans.
  • Provide specialist expert advice to departments and colleges in implementing information security policies and procedures and to manage and approve local variances to University policy requirements.
  • Stay abreast of changes to any relevant regulatory, legal, corporate, and third-party security requirements and provide specialist expertise, advice and guidance to stakeholders across the University.

Skills / background

  • Experience in Information Security, Cyber Security, Audit, or Compliance
  • Knowledge and experience of industry-standard information security management systems, frameworks, controls and standards such as ISO 27001/27002, PCI-DSS, Cyber Essentials, NIST security standards
  • Ability to assess information security risk in a complex environment.

There will be a blend of office-based and home-based working.

Interviews with the university are taking place right away. For more information, please apply now.