As a member of the Legal & Compliance Team and reporting to the General Counsel, the Information Security Officer is responsible for the continued adaptation, maintenance, monitoring and modification of an ISO 27001 compliant ISMS, including facilitation of annual ISMS and ICT controls audits. These are in support of both the UK Gambling Commission & the Sarbanes-Oxley Act of 2002.

In their capacity as ICO registered Data Protection Officer, they will deliver practical, robust & documented procedures that support Inspired’s continued GDPR compliance, as both a data controller for its personnel and a data processor across a multinational customer base.

Responsibilities:

Lifecycle management of Inspired’s ISO 27001 compliant ISMS, including, but not limited to:

  • Ratified policy amendments.
  • Adjusting for non-conformities.
  • Design and publication of company-wide awareness training.
  • Scheduling and orchestrating Inspired’s quarterly, exec-chaired Information & Security Governance Board, including its subordinate IT Security Working Group & product security reviews.
  • Facilitation of internal & external audits in either the security, IT or data protection space.
  • Management of the information security risk register.
  • Engaging with IT Corporate Services and Network Operations to analyse and mitigate cyber security threats and vulnerabilities, and to manage incidents.
  • Working with Business Services & IT Corporate Services to develop tangible, robust and effective business continuity & disaster recovery practices.
  • Producing reporting on Inspired’s cyber initiatives for board level.
  • Development of and support to Inspired’s wider Governance, Risk and Compliance initiatives.
  • Supporting Inspired product releases with guidance on security or data protection during gate processes.

Skills Required:

  • At least 5 years’ experience in information security.
  • ISO 27001 Lead Implementer certification.
  • ISO 27001 Lead Auditor certification.
  • Proven experience in driving a proactive information security culture.
  • Understanding of risk management frameworks, compliance and incident management.
  • Exceptional competence in information analysis, report production and presentations.
  • Development and delivery of eLearning training solutions for staff.

Beneficial Experience:

  • Familiarity with other ISO/IEC standards such as ISO 9001, 27036 and 31000.
  • The Sarbanes-Oxley Act of 2000.
  • Certified CISM, CISA or CISSP.

VAC-3557

To apply for this job please visit inspiredcareers.secure.force.com.