Information Assurance Officer
Our Group Information Assurance function is responsible for the security management of Computacenter’s information assets and those of our Managed Service customers.
Our mission statement is: To facilitate the identification and operation of all applicable requirements to security compliance, safeguarding valued and valuable information. We work in collaboration with the business to achieve strategic objectives by driving the adoption of best practice methodologies, whilst focusing on continual improvement to enhance our customer experience.
You’ll be working as part of a friendly Group Information Assurance team, as an Information Security Officer based in our office in Birmingham but will be required to also work on customer sites.
The role will include scheduling, preparing and documenting all security governance meetings; coordinating the production of relevant reports and statistical analysis required for services, SLAs, KPIs and the ISMS management review; whilst maintaining and updating the content of ISMS Action Logs, e.g. the risk log, security incident log, Audit actions log, documentation reviews and the information risk assessment.
You’ll work as an audit guide/liaison officer in supporting audit parties and stakeholders with first, second and third-party audits. Through risk assessments of the customer ISMS/Contractual deliverables and information assets, based on the documented risk methodology, you’ll identify and document risks and review the adequacy of operational security procedures to agree risk responses with the risk owner and relevant stakeholders, whilst progressing necessary actions in an appropriate timeframe. Above all, you’ll have the resilience to take on a problem and see it through to its successful conclusion.
You will also be responsible for implementing and maintaining the Information Security Management System (ISMS) and the compliance of staff and policies, procedures, guidelines and standards used to support the effectiveness of the ISMS. You will support in the annual verification of ISO27001 and other security certifications that Computacenter hold. Risk management will be one of your key responsibilities and include carrying out risk assessments, driving risk management / treatment controls with risk owners and risk reporting. You may also assist with internal and external audits and IT health checks.
The Ideal Candidate
• Minimum of 3 years experience of working with Information Security Management Systems and information security governance or experience in the IT industry
• Understanding of information security standards like ISO27001/2 and their implementation, maintenance and continual improvement
• Good working knowledge of security-related legal and regulatory requirements
• Excellent information acquisition skills
• Excellent communication skills − both written and verbal
• Good interpersonal skills
• Excellent knowledge of risk analysis methods, techniques and tools
• Good decision-making skills. Influence and persuasion skills
• Good commercial orientation and organisational awareness
• Ability to build constructive relationships with internal or external clients, ensuring risk management and accreditation is an integral ongoing part of business and project plans
• Good understanding of the IT industry's best business practices and procedures
• Proficient in corporate and professional standards
• Good knowledge of techniques for business process improvement and Quality Management
• Good working knowledge of internal security solution requirements
• Good working knowledge of ITILv3 or ISO20000
• Speaks English fluently
• Ability to attain relevant security clearance
Competitive Basic Salary + Company Benefits
About the Company
Computacenter is a leading independent provider of IT infrastructure services worldwide, enabling users and their business in a digital world. Our 15,000 employees worldwide support our customers on their path to digital transformation. Since our foundation in 1981, we have grown steadily and we are proud to have been able to provide first-class support to our local & international customers with their IT strategy and concepts, implementation of the best-suited technology and management of their IT infrastructure anywhere in the world that it’s needed.
In doing this, we help CIOs and IT departments, in organisations around the world, maximise productivity and the business value of IT for internal and external users.
As we indicate in our values, Winning Together, we pride ourselves in our teamwork, our dedication to our keeping our promises, and offer a work environment that is friendly, open and supportive. Just like our customers, we want to see our employees learn and grow to their fullest potential.