Chief Information Security Officer (CISO) Based at Carlisle Starting salary: £34,622 per annum plus up to 10% bonus We are currently looking to recruit a Chief Information Security Officer (CISO) to be responsible for developing and maintaining the company's information security policies, procedures and standards. The CISO is to provide guidance to all personnel on the implementation of the information assurance framework as specified in the HMG Security Policy Framework. The CISO will ensure all relevant control measures are in place to protect the confidentiality, integrity and availability of all company information. The CISO also plays a critical role informing & advising all personnel within the organisation on matters relating to information security and ISO 27001.
Duties of this role will include, but are not limited to: • Develop, manage and implement a comprehensive company-wide information security management system in accordance with HMG standards. • Provision of expert advice, guidance and awareness training on information security as appropriate at all levels of the organisation and recommend actions where shortfalls are identified. • Provision of advice & guidance on ISO 27001 to all levels of the company. • Represent DRS at external information security meetings and forums, e.g. ONR, CPNI etc. • Develop, manage and maintain a suite of comprehensive information security standards, policies, procedures and guidelines. • Develop, manage and maintain a company information asset register, ensuring information asset owners (IAOs) are identified and are aware of their responsibilities. • Undertake information security risk assessments and support/assist other IAOs with same. • Monitor information security trends, potential/emerging threats, vulnerabilities and evolving technologies, keeping the Information Assurance team (and senior management) informed about relevant issues with the potential to affect the company. • Assist with the monitoring and reporting of information security compliance. • Support and prepare reports for the Chief Security Officer (CSO), and the Senior Information Risk Owner (SIRO) as required. • Support the ICT team in the identifications of information security incidents and breaches, and assist with recommending and implementing suitable remedial actions. • Act as DRS’s Communications Security Officer ComSO & Crypto custodian.(As required) We would expect applicants to possess the following skills: • Relevant degree or equivalent • Professional information security qualification (ideally CISP, CISM or equivalent) • Significant experience of ISO 27001 • Experience of working with GSC (Government Security Classification) documentation. • Experience of producing a consistently high standard of documentation, such as policies, procedures and instructions • Broad knowledge of information security regulations, standards and good practices • Broad knowledge of IT systems, threats and vulnerabilities • Excellent communication skills, both oral and written • Ability to work to deadlines and manage time effectively • Ability to work independently and as part of a team • Ability to resolve issues and problems using creative solutions • Ability to deal appropriately with sensitive information In return we offer an attractive salary plus bonus, 33 days leave, Company Pension scheme and Healthcare scheme. If you have the necessary skills and ambition to apply for the above role please complete the Job Application PDF to be found at www.directrailservices.com under the relevant current vacancy and return to the DRS HR Department, Kingmoor Depot, Etterby Road, Etterby, Carlisle, CA3 9NZ CLOSING DATE FOR APPLICATIONS: 21 August 2015 Successful applicants for all DRS roles will be required to undergo security clearance including, reference, nationality and identification checks
