£29k - £35k Per Year

Job Type

Full Time


2 days ago



The post holder will develop, implement and manage all aspects of Information Security throughout Diabetes UK. They will support the IT and Information Governance Team in providing expertise and advice to ensure that Diabetes UK complies with Information Security best practice, the General Data Protection Regulation, Data Protection Act 2018 and other relevant legislation and guidance. In addition, this customer-facing role has responsibility for advising staff and volunteers on compliance issues, as well as conducting information security reviews on our assets across the organisation. This new role is designed to ensure that Diabetes UK has a robust Information Security Framework in place.

Interview Date(s): W/C 15 March 2021


What we can offer you:
  • Generous annual leave starting at 25 days plus bank holidays
  • A Cash Healthcare Plan (giving you up to £1,500 towards a range of out-of-pocket health expenses like new glasses, dentist, chiropractor or osteopath appointments)
  • Early finish Friday and flexible working as part of our approach to activity-based working
  • Discounts on gym membership
  • Employee assistance programme to give you support on any issues that come up in life
  • Annual season ticket loan* (on completion of your probation period and if contract is permanent or longer than 12 months)
  • Very active social scene including sport teams, gardening and other activities
  • Generous pension provision, life assurance and income protection insurance
  • Cycle to work scheme* (eligible for scheme if contract is permanent or longer than 12 months)

*Some benefits aren't available until you've passed your probation period and are dependent on the length of contract.

Main Responsibilities

  • To create, implement and maintain Diabetes UK's Information Security framework in line with our organisation's requirements.
  • Serve as a subject matter expert for Information Security queries and assist the Information Governance Team as and when the need arises
  • Assist with the implementation of the payment card security processes and NHS DSP toolkit, including leading on specific projects or work streams if required
  • Develop and deliver Information Security guidance and advice for staff and volunteers
  • To provide advice and guidance on technical and non-technical aspects of information security and all associated projects, providing input to projects and systems so they are secure by design
  • To troubleshoot and resolve assigned security-related support calls in a timely manner and in line with DUK standards and service levels, and work with technical support teams to mitigate/remove threats.
  • Responsibility for some of our Information Security processes, reviewing their effectiveness as Process Owner (strategic/tactical) and driving continual improvement based on Audit findings, Security Risks, Security Incidents and changes to regulatory requirements

Ideal Candidate

  • Information Security or similar role, ideally within charity sector, local government or NHS organisation, with fundraising or other direct marketing experience
  • GDPR requirements
  • Working knowledge of Microsoft Office 365/Azure security features to ensure maximum compliance with security standards is achieved
  • Information security management frameworks, such as ISO 27001 and Cyber Essentials Plus
  • Must be able to demonstrate sound technical diagnostic skills
  • Payment Card Industry Data Security Standards
  • Development of policy and guidelines that support best practice in information governance
  • Compliance monitoring and auditing
  • Information Asset Register Management
  • Development and monitoring of Information Security Policies