Information Security/Governance Specialist

Your new company
An established software business and outsourcing company based in the North Surrey area.

Your new role
This is a broad role covering all aspects of ISO 27001:

  • Regular reporting to the Information Security Manager in respect of the Company's ISMS and Information Security related projects and issues.
  • Reviewing the present Information Security Framework, creating a roadmap for improvements and managing the continual service improvement process (CSIP).
  • Developing and maintaining the information security policy and accompanying standards, procedures and guidance.
  • Delivering defined controls and their distribution to relevant teams within the Company.
  • Investigating security incidents and producing reports with recommendations for any remedial action.
  • Undertaking risk assessments and managing treatment plans.
  • Engaging with external auditors and co-ordinating internal and external audits in accordance with ISO 27001 accreditation requirements.
  • Interacting with the HR team to ensure processes are adhered to and records kept for future audits.
  • Ensuring the Company's continuous adherence to relevant laws, regulations and guidelines, as well as developing and implementing supporting policies.
  • Delivering training, including change, incident, audit, document and supplier management and conducting employee induction processes relating to Information Security.



What you'll need to succeed
You will have worked on the delivery of an ISO 27001 information security system in a previous role.
You will need to be happy to turn your hand to both administrative and technical information management and security issues and be hands-on in your approach.
You should have:



  • Experience of undertaking legal and regulatory compliance, including the Data Protection Act, GDPR and ISO27001.
  • An understanding of information life-cycle management.
  • Practical experience and involvement with audits.
  • Experience of providing staff training around Information Security.
  • Understanding of security threats and compromise methods and experience of creating documentation of IT Security Controls.



What you'll get in return
This is an excellent opportunity for an experienced ISO 27001 specialist to join a relaxed and friendly team, with the prospect of advancing in a relatively short time to take on further responsibility.

What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at


