Our client, a major organisation within the nuclear industry, is seeking an Information Security Officer for a permanent opportunity based in the South West.
The purpose of the post is to provide support to the Information and Cyber Security Manager. This will include assisting with the development and implementation of our client's contract security policies, procedures and processes in accordance with current regulation and legislation whilst also enabling the business. The Information Security Officer will also assist the Information and Cyber Security Manager with the organisation of Information Security within the organisation, liaising with external authorities and organisations to provide specialist advice on security reviews and investigations relating to Information Security issues, events and incidents, as well as assisting with Information Security awareness and training.
- Compliance with the Information Security requirements of the Nuclear Industries Security Regulations (NISR) 2003 (as amended).
- Develop and contribute to producing Contract Security policies, processes and procedures.
- Ensure that our client's third-party suppliers and delivery partners (hereafter referred to as ‘Contractors’) apply an acceptable level of protective security and are compliant with the requirements of NISR 2003.
- Liaise with the Commercial team to ensure that Information Security are notified of all potential classified contracts and to educate on required security measures that need to be built into processes, procedures and ways of working.
- Take action to ensure that in all contracts involving SNI, appropriate Security Measures are included.
- Provide security advice to contractors and lead on investigations when Commercial information or SNI has been the subject of a security breach or has been compromised.
- Carry out an annual review of the management of all classified contracts, particularly those aspects relating to the security of our client's Commercial information or SNI.
- Ensure that contractors are aware of their legal obligation for reporting any breach, or suspected breach, of security to ONR (through our client) in accordance with NISR 2003 Regulation 22.
- Relevant graduate degree (e.g. Risk Management or Information Technology) or relevant experience.
- Membership of a relevant professional institution such as the Institute of Information Security Professionals.
- Experience of delivering Information Security within large scale delivery programs and projects.
- Demonstrable experience in carrying out risk assessments and security audits in order to achieve and maintain compliance, with up to date knowledge of security compliance issues.
- Demonstrable understanding and experience of HMG security and ISO 27000 standards.
- In-depth knowledge and experience of Nuclear Security regulations and standards including the HMG Security Policy Framework & Government Security Classification.
- A blend of both government and commercial experience is beneficial.
- An understanding and some experience of wider security requirements within personnel and physical security is beneficial.
- International experience.
- Member of a relevant institute.