A rapidly growing and changing organisation is facing a number of challenges around information security. Technology research is the foundation of the company and developing knowledge and protecting this intellectual property is crucial.
They therefore require an experienced Change Management Consultant to join them for a fixed 12-18 month period. Salary is negotiable.
The core of this role is not so much IT/network security - it is implementing real change management and influencing working practices. The ideal candidate will have a deep understanding of emotional intelligence and have developed policies/change programmes and training structures.
The company recently undertook a consultation exercise to create a view of the current situation around its information assets and the security risks associated with them. This report identified a broad range of areas for improvement and the primary purpose of this role is to drive these improvements.
Responsibilities:
*Generate and implement policies and procedures that protect identified critical information.
*Maintain the organisation’s information security risk register.
*Agree plan of actions with senior management and department leads to address risks.
*Oversee the implementation of improvement activities.
*Execute improvement actions where suitable internal resource is not available.
*Develop a communication and education plan to raise the organisation’s understanding of security issues and their corrective actions.
*Liaise with the information security committee to provide status reporting and agree on priorities.
*React to security breaches of all kinds. Manage the resolution, review and corrective actions.
Skills:
*Ability to influence attitudes and behaviours to instigate change across many people and roles.
*A proven understanding of the principle embedded in ISO 27001. This framework will direct activities. A bonus would be experience of actual implementation.
*Ability to manage a diverse set of projects simultaneously involving employees across the whole organisation.
*Knowledge of IT infrastructure and processes that support information security, especially in an environment where sensitive information is shared with external partners.
*Experience in educating at all levels of an organisation to embed information security as a key every day function of the organisation.
If you feel you’d be a strong candidate for the above role, please follow the instructions above -send me your CV highlighting your relevant experience, quoting reference number ASH17916WC1.