Information Security Officer

Social network you want to login/join with:

MUST HAVE PREVIOUS BANKING EXPERIENCE TO BE CONSIDERED

The Information Security Officer works within the Information Security Office of the Bank to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. The ISO contributes to the Information/Cyber Security Strategy and Roadmap, enabling defence-in-depth and defence-in-breadth to safeguard banking operations.

The ISO collaborates closely with Security Engineering, Security Operations, and Business Resilience Teams across the bank.

The ISO addresses external attacks, mitigates zero-day vulnerabilities, and identifies security flaws. It ensures that Executive Management's risk targets are met and contributes to the continual improvement of the Bank's Cyber Assurance Framework.

• Collaborate with Security Engineering and Operations Teams to integrate security measures into business processes.
• Advise business units on security issues and initiatives.
• Oversee project activities to evaluate information security risks for new projects, products, and systems.
• Supervise resolution of risks identified during audits or assessments.
• Develop and maintain security governance documents.
• Create and deliver security awareness training.
• Maintain records of ISO activities.
• Provide updates to the ISMS governance committee.
• Manage security requirements and liaise with relevant parties.
• Support annual budgeting and planning.
• Participate in Cyber Incident Response.
• Coordinate with vendors for technology evaluations.

Evaluate, recommend, and implement cloud security controls.

• At least five years of experience in Information Assurance or within a regulated UK sector.
• Relevant security qualification (degree, CISSP, or CISM).
• Strong technical knowledge across security, software development, and IT systems.
• Knowledge of NIST CSF.
• Willingness to learn and expand skills in security and financial services.
• Ability to work autonomously and as part of a team.
• Analytical skills to interpret data and threats.
• Awareness of common cyber incidents and breaches (OWASP).
• Knowledge of SOC2, ISO 27K, PCI DSS, GDPR.
• Experience in Cyber Incident Response.

Hands-on experience with security tools.

Please contact me to discuss the role. [emailprotected] or 0207 337 0045