London, London


As a global IT and business service provider, across multiple sectors, Capita has a wide array of Information Security requirements, technologies and teams. As an Information Security Compliance Officer in the Office of the CISO, you will guide multiple Capita businesses in demonstrating compliance with security policies and certification requirements.

In this InfoSec Compliance role, you will have the opportunity to work with a broad range of recognised security standards, including Cyber Essentials (CE), CE Plus, PCI DSS, ISO/IEC 27001, ISAE 3402, SOC2, NIST, CIS, and Information Security Management Framework (ISMF). You will assure business compliance with required security standards, regulations, and specific client contractual clauses, so that the business is able to maintain the trust and confidence of our clients.

Working within the CISO Audit and Compliance team, and collaboratively with pan-Capita business operational and security management teams, as Information Security Compliance Officer you will gain fantastic exposure to various InfoSec topics, helping you to progress your career alongside a strong training & development programme.

What you'll be doing:

•conducting and coordinating security compliance assurance activities, including annual business policy and procedure reviews, IT security management and controls gap analysis audits and physical site reviews.
•writing audit compliance reports, which includes making recommendations on remediating identified issues and risks. Supporting CISO Office functions and Information Security Managers in the tracking and resolution of issues identified by audits.
•undertaking specific client security policy and contractual compliance reviews.
•establishing effective working relationships with business security management, to ensure business security management processes and controls are effective.
•supporting the response to external audit and client security questionnaires, and conducting third-party security due diligence assessments. Working with business teams to assess third-party security arrangements to an agreed schedule.
•contributing to the overall CISO Audit Security and Compliance Programme report.

What we're looking for:

•a self-motivated individual with a flexible approach to working
•excellent interpersonal skills with the ability to explain technical problems to non-technical business stakeholders at all levels
•strong written and oral communication skills
•experience of working to an ISO27001/2 aligned framework, and ideally knowledge of PCI DSS
•ISO27001/CISM/CISSP qualification/certification is desirable
•experience of undertaking security auditing and security controls testing
•working knowledge of security risk management, security governance framework and compliance

About Capita Technology Solutions

At Capita Technology Solutions, we're connecting people to the services they need the most. We're providing critical digital, cloud and infrastructure services to over 3,500 organisations, making us one of the largest IT providers in the UK. In fact, we're the number one provider of IT to the public sector, supporting hospitals, schools, the emergency services and more. Our experienced team includes 1,000 technical specialists and 250 highly qualified field engineers. Join us and discover better as you create smart buildings, cities and communities across the UK.

What's in it for you?

•A competitive basic salary
•23 days' holiday (rising to 27) with the opportunity to buy extra leave
•Learning & Development programmes, including the opportunity to gain valuable industry qualifications such as the ISO27001 Lead Auditor certification
•The opportunity to take a paid day out of the office, volunteering for our charity partners or a cause of your choice
•Company matched pension, life assurance, a cycle2work scheme, 15 weeks' fully paid maternity, adoption and shared parental leave, paternity pay of two weeks...and plenty more
•Voluntary benefits designed to suit your lifestyle - from discounts on retail and socialising, to health & wellbeing, travel and technology
•Access to our Employee Network Groups, which represent every strand of diversity and allow colleagues to connect and learn from each other on an open, inclusive platform
•Remote working with occasional travel to company sites for strategic face-to-face meetings

You'll get the chance to follow your chosen career path anywhere in Capita. You'll be joining a network of 63,000 experienced, innovative and dedicated individuals across multiple disciplines and sectors. There are countless opportunities to learn new skills and develop in your career, and we'll provide the support you need to do just that. Our purpose is to create a better outcome for you.

What we hope you'll do next:

Choose 'Apply now' to fill out our short application, so that we can find out more about you.

To view our Covid-19 and process adjustments information, please visit the Capita Careers site.

Equal Opportunities

We're an equal opportunity employer, which means we'll consider all suitably qualified applicants regardless of gender identity or expression, ethnic origin, nationality, religion or beliefs, age, sexual orientation, disability status or any other protected characteristic. We recruit and develop our people based on merit and their passion for creating better outcomes, and we're committed to creating an inclusive environment for all employees.