Security Compliance Officer
The Security Compliance Officer (SCO) is responsible for tracking and reporting security compliance for in-scope IT services delivered to an account. The SCO works closely with the Account Security Officer (ASO) to facilitate and report on the delivery of security compliance for the client at governance/risk/compliance, delivery and specific operational levels. You will be the focal point for the assessment, audit and compliance activities within the account. The SCO will be responsible for understanding all the controls and artifacts associated with an account and will structure and oversee the program to collect, record and report the artifacts.
- Maintains familiarity with the security-related compliance requirements and contractual compliance requirements in accordance with the agreement with the customer.
- Confirms and documents contractually in-scope IT controls, processes and reporting requirements
- Reviews the adequacy of the IT control process documentation
- Coordinates implementation of IT controls processes and reporting
- Regularly validates implementation of IT controls process evidence submission
- Supports the account management team in regular status meetings, planning meetings, and training sessions
- Determines audit readiness based on compliance status
- Supports account audit readiness through security and IT control training and awareness for the account team.
- Prepares Compliance Monthly Reports, reporting on compliance processes, metrics and trends through account established reporting mechanisms
- Reviews compliance status with the Customer
- Maintains the Security Risk and Compliance register framework including findings and other security related artefacts
- Supports the ASO in dealing with client and account team by providing intelligence and supporting data
- Participates in account security governance board meetings to identify, escalate and track compliance, operational delivery and risk issues
- Facilitates the remediation of compliance, security service delivery and risk issues as part of the client security governance board
- Provides support and content for internal and external audit activities
- Annually reviews the account controls baseline described in the Account Security Plan document
- Contributes to innovation by driving changes to improve controls effectiveness
Candidates must demonstrate:
- Ability to gain and hold UK HMG DV clearance - but we will employ you in a non-secure area of the business whilst your clearance is being processed.
- Good influencing, communication, interpersonal and organizational skills.
- Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) or similar
- ISO 27001 experience
- UK HMG experience
- Good general information technology acumen
- Audit experience
- Experience in managing physical security controls
- Demonstrated strong financial awareness and control other financial experience at a management level
- Understanding and experience of working with supplier contracts