Job Description

Information Security Lead

Location: Peterborough

Job Type: Permanent, Full Time

Salary: £40,000 – £55,000 (depending on experience)

Reports To: Head of IT


Main Purpose of the job

To play a crucial role in safeguarding our software development processes, systems, and data. To be responsible for developing and implementing risk management strategies, ensuring compliance with industry standards, and protecting the company from cyber threats.


Main Responsibilities

Risk Management and Governance

  • Develop, implement, and maintain the information security strategy and policies to comply with applicable laws and regulations. 
  • Evaluate risks associated with third-party vendors (such as cloud service providers or software suppliers). 
  • Implement due diligence processes to assess vendor security practices and contractual obligations. 
  • Stay informed about industry standards, legal regulations, and compliance frameworks (such as GDPR, CE+, and ISO 27001). Ensure our software development practices, and third-party vendors, adhere to these standards.  
  • Regularly maintain and review the IT Risk Register, developing strategies to reduce and mitigate known risks. 
  • Act as the organisation's Data Protection Officer and lead on all Data Protection topics including governance, strategy and incidents.


Security Monitoring and Incident Response

  • Define an appropriate target security posture, considering risks, threats, and vulnerabilities. 
  • Lead the efforts to monitor our computer networks for security issues. 
  • Collaborate with our third-party support provider to detect security events such as failed login attempts, malware infections, or unusual network traffic patterns. 
  • Stay informed about emerging threats, attack techniques, and vulnerabilities. Leverage threat intelligence feeds and collaborate with external partners. 


Vulnerability Management and Mitigation 

  • Co-ordinate yearly Penetration Tests on our Web Shop platform. 
  • Ensure a regular patching schedule is in place for our workstations and servers, with minimal disruption to our userbase. 
  • Provide training and education on cyber security topics to employees. 
  • Identify system vulnerabilities and develop strategies to mitigate them. 


Strategic Planning and Roadmap Development 

  • Develop and maintain a comprehensive information security strategy aligned with the business's overall goals. The strategy will outline the medium- to long-term vision for security.
  • Create a security roadmap that charts the path toward achieving strategic security objectives. The roadmap will include milestones, initiatives, and resource allocation. 
  • Ensure that security initiatives directly support business objectives, digital transformation, and growth. 


Knowledge, Experience and Competencies 

  • Pro-active, results-driven individual with high levels of energy, flexibility, and commitment to deliver the business and functional objectives at pace. 
  • Demonstrable ability to multi-task to deliver according to identified business priorities. 
  • Excellent track record of embracing change and innovating to improve processes and ways of working. 
  • Demonstrable ability to learn new technology for the benefit of the business. 
  • An effective communicator with excellent written and verbal presentation skills.   
  • Demonstrable attention to detail. 
  • Strong collaboration skills. 
  • Ability to build relationships with business stakeholders. 


Benefits & Rewards

People who work with Charis have the opportunity to excel, innovate, learn and grow, and we offer an excellent range of benefits that contributes to employee satisfaction and organisational success.
