2 of 2 Permanent ISO 31000 Jobs in the East of England

accordance with Global EIT strategy, EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and GDPR. You will ensure the continued certification of the EIT ISO 27001:2022 management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. … internal and external stakeholders/groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security incident response … compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstratable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO More ❯

and maintenance of the EMEA information security management system, ensuring compliance with Global EIT strategy, EMEA business needs, and relevant legislation (e.g NIS 2, AI Act, GDPR). Maintain ISO 27001:2022 certification and ensure adherence to health, safety, financial, and privacy regulations. What are we looking for? Degree level qualified or equivalent - essential. CISM and/or CISSP … or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is highly desirable Demonstratable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Experience of information security management and/or security awareness. Good knowledge of industry standard frameworks … and best practices – ISO 27001: 2022, NIS2, AI Act etc. and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to. Extensive experience conducting information security risk assessments, reporting risks Experience of developing, implementing, managing, and maintaining Information Security policies, guidance, & procedures. Experience of risk management and maintaining risk registers. More ❯