Contract - 3 months - £500 per day
We are working with a leading professional body that is looking to bring on an experienced Information Security Manager who can contribute to the achievement of their business plan objectives, whilst dealing with internal and external clients. You will report directly to the Chief Technology Officer and be the focal point for all security issues.
- Ensure that the DPA registration is renewed annually in line with business requirements
- Oversee the processing of DSRs and DP complaints
- Report any breach of the GDPR to the relevant director and where appropriate the ICO
- Maintain the Data Breach register from initial response through to completion of the data breach report, developing an action plan to address any key risks
- Provide advice and guidance to staff on GDPR matters including SARs (subject access requests), data breach management and notification and DPIA (data protection impact assessment)
- Define the process for identifying and making required changes to the PDPI (personal data processing inventory)
- Develop processes to ensure the Personal data retention policy is kept up to date and reviewed annually
Security Policies and procedures
- Develop & create appropriate and relevant ICT security policies
- Ensure Data Protection policies and procedures are updated in accordance with changes of legislation.
- Oversee the dissemination of new & amended policies to all staff
- Conduct an annual review of all security policies to ensure they are fit for purpose, amending where appropriate
- Implement process/procedural changes in order to reduce the risk of a data/security breach
- Maintain and monitor PCI DSS compliance, advising on any changes necessary to maintain compliance
- Maintain and monitor Cyber Essentials Plus accreditation, advising on any changes necessary to maintain compliance
- Develop and administer a framework that ensures staff acceptance of all security policies, standards and procedures, which can be validated and measured for understanding and acceptance
- Itemise and prioritise all existing data protection policies that require updating including any new policies required
- Provide advice to Project and ICT managers ensuring that any changes to systems/data collected are the subject of a DPIA where appropriate
- Oversee the programme of external and internal penetration tests of AAT's ICT systems
- Attend DPA seminars/training to keep up to date with data protection, security & compliance best practice and guidelines, particularly those relevant to AAT systems
- Induct all new staff with an introduction to major security policies
- Provide monthly reports to the relevant director detailing security/data breaches and SARs
Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.
Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.
PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.