Compliance Officer (Information Security)
QHSE Taskforce

About the job

Higher Education Statistics Agency (HESA) have an exciting opportunity for a Compliance Officer (Information Security) to join our team based in Cheltenham to provide support to the Data Futures Programme, specifically to the Programme Delivery team. You will join us on a full-time, fixed-term basis (up to 12 months' duration) and in return, you will receive a highly competitive salary of circa £45,000 depending on experience.

About Us:

HESA exists to enhance the competitive strength of UK higher education by collecting, analysing, and disseminating data about the UK HE sector. We provide a trusted source of information, supporting better decision making, and promoting public trust, to support this strategy. Our strategy is delivered through our people. Ensuring that our staff have the skills, capabilities, and tools to do their jobs effectively is therefore a key theme underpinning all our activities and objectives. This includes providing opportunities for development, growth, and learning.

About the role:

This role will report to the Head of Information Security whilst working closely with the General Counsel & Director of Compliance and other members of the team. You will ensure HESA, as the Controller, is able to comply with its legal requirements and demonstrate accountability regarding information security controls, ensuring that requirements are met and built into the new HESA data platform (HDP).

Responsibilities of our Compliance Officer (Information Security):

- Act as the point of contact for information security considerations in the Data Futures project.
- Work closely with the Compliance Officer (Data Protection) – Data Futures, the Head of Information Security and HESA’s DPO/General Counsel to ensure Information Security aspects are properly identified, assessed, addressed, and documented within the compliance documentation of the Data Futures project.
- Attendance at the Legal & Compliance Groups daily stand-ups, security governance meetings, and selected Data Futures meetings including sprint reviews to ensure information security issues and controls are considered in design decisions, identified, and documented in the relevant DPIA(s), ways of working, and Definitions of Done and comply with HESA’s applicable information security policies and ISO27001 requirements.
- Contribute in meetings to raise awareness of data protection issues when the Compliance Officer (Data Protection) is not present and feed back these issues to the Compliance Officer (Data Protection).
- Ensure all information security risks are appropriately identified, threat modelled, and risk treatment plans created and documented including making updates to the relevant DPIA.
- Ensure information security technical requirements are fed into the scrum teams’ Definitions of Done in a timely manner.
- Work closely with the Head of Information Security and CTO to agree the scope of the required penetration testing.

What we’re looking for in our Compliance Officer (Information Security):

- You will be educated to degree level or have equivalent work-based experience.
- You will be a subject matter expert in Information Security Governance and ISO27001.
- Experience of working in agile development projects to ensure security by design.
- IT literate, with proficiency in MS Office.
- Able to communicate and collaborate at all levels.
- The ability to build strong working relationships.
- Experience with infrastructure as a service / platform as a service, and knowledge of the HE sector are highly desirable.
- A professional qualification in Data Protection is also highly desirable.

What can we offer you as our Compliance Officer (Information Security)?

HESA’s bright and modern offices are right in the heart of Cheltenham, situated on the Promenade. The proximity to the shops, cafes and bars makes this an attractive location and provides opportunities for socialising.

The salary range for this post is circa £45,000, dependent on skills and experience. We offer an attractive package with 25 days leave, plus bank holidays and an extra Agency shutdown at Christmas; flexible working including remote and home working options; pension scheme and occupational health support.

Application forms should be completed via our recruitment portal; it is planned that any suitable candidates will be interviewed at the earliest possible opportunity. If you have the skills and experience we require for this role and are looking for a new challenge, then please click ‘apply’ today to be forwarded to our online recruitment portal and become our new Compliance Officer (Information Security).

Thank you for your interest in HESA. No agencies please.



Cheltenham, Gloucestershire, United Kingdom
