Position: Mid-Senior level

Job type: Full-time

Job content

Information Security & Compliance Officer at Biosite Systems
Biosite provides technology-enabled services that have been specifically designed to optimise operational efficiency, improve health and safety and ensure compliance for construction projects. Biosite’s purpose is to support the transformation of the construction industry by being innovators in developing technology and software solutions that give our customers peace of mind that they are in control of their sites. Underpinned by a unique biometric algorithm, Biosite provides market-leading software solutions for workforce management, task management, material management and fire safety & security. At the heart of all Biosite solutions is the capture of quality data that is converted to valuable real-time insight, enabling our customers to make more informed decisions.

Following our recent success, Biosite is expanding its team. Reporting directly to the Technical Director, you will be responsible for leading, implementing and developing the company’s Information Security and Data Protection policies, helping to ensure we maintain the highest standards of information security for our products and services.

We’re a diverse team who look to use the right tool to solve the problem at hand. We use a broad range of technologies, so there are plenty of opportunities to learn new things and grow as an engineer. Our products present a broad range of technical challenges, everything from complex distributed systems to sophisticated front ends for presenting large volumes of information. The company’s adaptable and proactive culture empowers staff to utilise their talent and continue the drive for continuous improvement, encouraging our teams to build the best products, with the best technologies.

This position is fully remote, based in the UK.

Main Responsibilities And Tasks
  • Documenting policy, processes, and standards for the ISO 27001 certified information security management system.
  • Regularly reviewing and updating policies, procedures and standards based on feedback from stakeholders, audit, and when significant changes occur.
  • Supporting the wider governance, risk, and compliance activities for the business.
  • Guiding internal auditors during internal audits, and performing internal audits where it does not conflict with your role.
  • Guiding external auditors during external second and third party information security and data protection audits, as well as responding to assurance questions from current and potential customers.
  • Managing the response to information security incidents.
  • Ensuring compliance with relevant information security and data protection laws.
  • Managing and maintaining ISO 27001, CyberEssentials, and other relevant certifications for the business.
Key working relationships (internal and external)
  • Close collaboration with the technical director, operations director, and operational teams on information security requirements and implementation.
  • Providing assurance on information security and data protection practices to external customers.
  • Arranging and working with external auditors to achieve certification.
  • Reporting on the performance of the information security management system to the board of directors.
Person Profile: Essential qualifications, experience, knowledge and behaviours
  • Demonstrable experience in managing information security.
  • Demonstrable knowledge of data protection laws and requirements.
  • Passionate about information security and the protection of personal, customer, and business data.
  • Well organised, punctual, and a strong communicator.
Desirable
  • ISO 27001 implementer or auditor certifications.
  • Experience implementing GDPR compliance.
  • Experience implementing CyberEssentials compliance.
  • Experience managing information security for cloud platforms.
  • CISSP, CISA, or CISM qualification.
  • CIPP/E qualification.
Salary and benefits
  • Flexible hours, 40 hrs/week with core hours from 10am to 4pm (London time).
  • 24 days leave, rising to 30 days with length of service.
  • 10% time available to use on your own projects and ideas.
  • Company pension scheme.

We are the ASSA ABLOY Group
Our people have made us the global leader in access solutions. In return, we open doors for them wherever they go. With nearly 50,000 colleagues in more than 70 different countries, we help billions of people experience a more open world. Our innovations make all sorts of spaces – physical and virtual – safer, more secure, and easier to access.

As an employer, we value results – not titles, or backgrounds. We empower our people to build their career around their aspirations and our ambitions – supporting them with regular feedback, training, and development opportunities. Our colleagues think broadly about where they can make the most impact, and we encourage them to grow their role locally, regionally, or even internationally.

As we welcome new people on board, it’s important to us to have diverse, inclusive teams, and we value different perspectives and experiences.

Deadline: 21-06-2024
