Information security and continuity officer

Apply Now
Company
Mpac Group
Job location
Coventry, UK
Salary
Undisclosed
Posted
Hosted by
Adzuna

Job details

Role Title: Information Security and Continuity Officer (ISCO) Location: United Kingdom (with occasional travel to other Mpac Group sites) Department: IT Services Job Summary The Information Security and Continuity Officer (ISCO) is a senior IT role responsible for safeguarding Mpac Group’s information assets and ensuring the continuous, secure operation of its critical IT services. The ISCO oversees the organisation’s information security, cybersecurity, service monitoring, data backup processes, and business continuity planning. This role is pivotal in ensuring that all IT systems are secure, reliable, and resilient against potential threats, disruptions, and disasters. Combining strategic oversight with hands-on management, the ISCO plays a critical role in protecting the organisation’s digital infrastructure and ensuring business continuity. Key Responsibilities Develop, implement, and maintain the organisation’s information security strategy, policies, and procedures. Ensure that all IT systems and data are protected against internal and external threats, including cyberattacks, data breaches, and unauthorised access. Conduct regular security audits, vulnerability assessments, and penetration testing to identify and address potential security risks. Monitor the organisation’s IT infrastructure for security breaches and respond promptly to any incidents. Implement and manage cybersecurity tools and technologies, such as firewalls, intrusion detection/prevention systems (IDPS), and antivirus software. Lead incident response efforts, including investigation, containment, eradication, and recovery, and provide detailed reports to senior management. Oversee the monitoring of IT services and infrastructure to ensure they are performing optimally and securely. Implement and manage service monitoring tools to provide real-time alerts and reporting on system performance and security events. Collaborate with IT support teams to proactively address performance issues and ensure the resilience of IT services. Design and manage the organisation’s data backup strategy, ensuring all critical data is regularly backed up and securely stored. Conduct regular tests of data recovery processes to ensure the organisation can quickly recover from data loss incidents. Implement and manage disaster recovery plans to ensure minimal disruption to business operations during a major IT incident. Develop, implement, and maintain the organisation’s business continuity plans (BCP) to ensure the continuous operation of critical IT services during disruptions. Collaborate with various departments to identify key business processes and systems that require continuity planning. Conduct regular BCP drills and exercises to ensure the organisation is prepared to respond effectively to disruptions. Ensure the organisation complies with relevant information security regulations, standards, and best practices (e.g., GDPR, ISO 27001). Conduct risk assessments to identify potential threats to the organisation’s IT systems and data, and implement mitigation strategies. Maintain up-to-date knowledge of the latest security threats, trends, and regulatory changes, and ensure the organisation’s security practices evolve accordingly. Collaborate with other IT and business leaders to integrate security practices into all aspects of the organisation’s operations. Develop and deliver security awareness training programs to employees at all levels of the organisation. Provide regular reports to the Group IT Director and senior management on the status of the organisation’s information security and business continuity efforts. Communicate security risks, incidents, and mitigation strategies to stakeholders across the organisation. Act as the primary point of contact for external security audits and assessments. Qualifications and Skills Education: degree in Information Security, Computer Science or equivalent Experience: At least 6 years of experience in information security, cybersecurity, or a related field Certifications: Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), ISO 27001 Lead Implementer, or equivalent are highly desirable. Technical Skills: Strong knowledge of information security management frameworks (e.g., ISO 27001). Proficiency in cybersecurity tools and technologies, such as firewalls, IDPS, antivirus, and SIEM (Security Information and Event Management) systems. Experience with service monitoring and data backup/recovery tools. Soft Skills: Strong analytical and problem-solving skills. Effective communication skills, with the ability to explain complex security concepts to non-technical stakeholders. Ability to work under pressure and manage multiple priorities. Location and Travel : This role is based in the UK, with occasional travel to other Mpac Group sites as required.
Apply Now
Other Jobs
Loading...
Get the freshest news and resources for developers, designers and digital creators in your inbox each week
Loading form
Start Free Trial
Connect
RSSFacebookInstagramTwitter (X)
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
© 2000 - 2024 SitePoint Pty. Ltd.