Overall Job Purpose:
The security of information is critical to the ongoing success and reputation of the SCC Data Centre Services business. The role of Information Security Officer will offer the successful candidate an exciting opportunity to work closely with the business to ensure that information is used in a secure and appropriate manner.
An opportunity to work in a challenging and fast paced environment, working on a subject matter that is key to the ongoing success of the SCC Group of companies.
The opportunity for an IS Compliance Officer is to ensure that technological & organisational security practices are consistent with ISO27001, ISO20000, PCI DSS (where required to assist customers integration and contractual take on), ITIL etc.
Essentially the role will ensure all IT Audit policies, procedures, standards & practices are consistent across the Group in the United Kingdom, together with Data Security Standards, IT Governance, Risk Management & Continuous improvement processes. You will be familiar with dealing with Personal Data and security standards, although you will not be required to understand these technologies to a technical level on conceptual.
The role of Information Security Officer will also form part of the core security team that deliver and drives continual technical service improvement across the internal SOC function covering Data Centre Services and SCC customers ensuring delivery of best of breed compliant security services in the most effective and efficient manner.
Main Duties of the Job:
The role will work with other teams including operational and technical, to ensure policy and processes are being followed to meet customer and external certification bodies’ audits.
Many processes and procedures are already developed and in place to support the current certifications but where new documentation is required you will be tasked in developing this or ensuring the relevant departments have developed this and is in place and audited for compliance.
• policy maintenance
• security training and awareness
• policy compliance measurement and risk assessment
• review of security incidents and ensure correct closure and future prevention
• host local InforSec reviews and feedback from external audits
• help drive security and compliance awareness
• Risk assess customer data within the data centre and provide risk mitigation reports for improvements
• Regular reporting to peers, management and customers on progress of Information Security Compliance highlighting Risks and issues and areas of improvement
The Information Security Officer will not have any direct reports but will be required to work and organise personnel in the schedule of audits and also be supportive to other departments within the business.
The role is based at the Data Centre Services Cole Valley location in Birmingham but may require travel to customer sites and other SCC Group locations.