Job Description

Principal Accountabilities

• Analyse UK and EU branch offices’ Information Security strategies, policies, procedures etc., and implement them in the UK as well as Belgium, Netherlands, Turkey and Russia (the group companies).
• Monitor and report all IS issues within the UK, the group companies and the HQ based in Tokyo
• Proactively lead the Incident Management processes to restore a normal service operation as quickly as possible to minimanise impact on business operations.
• Work closely with customers and provide support on all IS issues including revision of policies and practices and provide customers with advice for improvement.
• Communicate to customers impact of the IS threats and assist them with implementation of new or revised procedures and/or IS plans in order to meet their needs.
• Conduct company and customers audits, provide all parties with guidance on IS and changing trends / legislation.
• Be first point of contact to all IS related enquiries from staff and customers. Actively participate in IT Risk Assessment by identifying and cataloguing information assets, identifying threats and vulnerabilities, analysing internal controls, determining the likelihood of an incident occurring again, assessing impact the threat may have on business operations, prioritising risks to IS and designing controls.
• Design, implement and review internal and external system security assessment support.
• Systematically assess company’s and the group companies IS management process in line with the ISO 27001 certification through internal audits.
• Revision of customers ISO 27001 if necessary.
• Review, assess and audit new and existing suppliers.
• Design and implement IS training for UK and the group companies as well as customers if necessary.
• Provide IS induction and training to new employees and ex-patriates.
• Ad hoc requests from your line manager

Required Knowledge, Skills, and Abilities

ISO 27001:2013 management experience General IT security knowledge such as (D)DOS, BEC, APT, SPF, IDP, PKI and E2EE General IT system experience such as AD, DNS, Email, DB and Firewall General IT understanding such as Windows event log, system audit log, domain records, authentication, L2/L3 networking and remote access Administration skill to create, organise and maintain records