Sesame Bankhall Group (SBG) are looking to recruit a Group Information Security Officer. Working within the Financial Services sector this role will liaise with key stakeholders to review, challenge and approve Information Security processes and procedures. The role will provide appropriate and proportionate advice to the Group and its first line of defence on the purpose and application of its Information Security policies and control standards. This role will be a working from home position, with the ability to travel.

Group Information Security Officer Duties

• Provide assurance that the Group is compliant with all relevant Information Security policy and legislation.
• Provide security training and awareness campaigns to the Group and its customer base.
• Provide Third Party Information Security assurance of the Group’s suppliers. 
• Conduct annual maturity assessments of cyber controls to see that the Group are continually improving their cyber controls and provide the executive team with industry benchmarking insight.
• Collaborate with the IT function to see that a cyber security strategy is put in place that fulfils the requirements of business objectives and control maturity requirements.
• Conduct independent Information Security risk assessments, reporting findings to and agreeing mitigating actions/risk acceptance with the system owner and IT
• Undertake proportionate assurance activity / IS risk assessments of the Group’s Information Security control environment.
• Provide oversight and investigate breaches of the Groups data loss prevention controls.
• Monitor, investigate, record, and provide statistics to the business of network member information security breaches.
• Monitor, investigate, and provide awareness to the business on malicious emails received by colleagues.
• Sit on the Business Continuity Steering Group and Incident Management Teams to provide guidance on Information Security matters.
• Collaborate with our parent company to deliver phishing scenario tests to our colleagues

­ Group Information Security Officer Requirements

• Degree in Computer Science, Information Technology, or any other related field. An equivalent of the same in practical experience is also acceptable for the position
• Broad experience of security management concepts
• Good understanding of security architecture principles and processes.
• Subject matter expertise in IT Security and Cybercrime prevention.
• An operational understanding of Firewalls, system logs and user account management so that you can provide oversight of the IT department process changes
• Excellent knowledge of Information Security risk assessments and the ability to identify and communicate risks agreeing mitigating controls or formal acceptance of risks by the risk owner and controller.
• Operational knowledge of Cryptography with the ability to advise and agree requirements for new and materially changed systems
• Sound knowledge of the creation, review, and approval of Information Security policies/controls and approval of IT testing schedules in relation to vulnerability, penetration, data transport methods and remote access 
• Substantial experience of working in a 1^st or 2^nd line Information Security role.
• Experience of operational cyber security controls
• Good knowledge of IT Operations procedures and best practices.

Group Information Security Officer Benefits

• Competitive salary
• Flexible working
• Employee discount schemes
• 4 x life assurance
• Company contributory pension scheme
• Generous holiday entitlement
• Private Medical Insurance

If you think that you will be suitable for Group Information Security Officer, please apply now!

Contact information