2 of 2 Information Security Officer Jobs in the Midlands

Our client is seeking a Data Protection & Information Security Officer, to be based in their Loughborough office on a permanent full-time basis. Key Responsibilities: • Serve as the statutory Data Protection Officer (DPO). • Stay current with information security legislation and update related policies, procedures, and the company website accordingly. • Manage and coordinate responses … to Freedom of Information (FOI) and Data Protection requests, ensuring timely and accurate replies. • Investigate data breaches within required timeframes, recommending risk mitigation actions to protect data subjects and the company. • Ensure secure information handling and report security breaches per company policies. Desired Experience • Recent office administration experience. • Accurate record-keeping (electronic and paper). • Handling FOI … and Data Protection requests. • Interpreting and applying policy and legislation. • Presenting information in various settings. • Delivering training to diverse audiences. • Proficient in MS Office, databases, and spreadsheets. • Strong understanding of FOI, Data Protection Acts, and related legislation. Should you have any questions or wish to apply please do not hesitate to contact Clear Legal and Financial Recruitment. Please Note More ❯

Overview The Interim CISO will provide immediate, strategic and operational security leadership on a fixed-term basis. The primary mandate is to conduct a rapid, high-impact review and uplift of critical security governance functions, focusing specifically on asset management, third-party assurance, and incident preparedness. Key Responsibilities and Deliverables: The successful candidate will be a hands-on … leader responsible for the following key reviews: 1. Group Information Asset Register (IAR) Review Audit and Validate the current IAR structure, completeness, and accuracy of Confidentiality, Integrity, and Availability (CIA) classifications. Establish a repeatable, documented process for the continuous identification, registration, and risk-linkage of all high-value information assets. 2. 3rd Party Assurance Process Uplift Assess and … Refine the entire Third-Party Risk Management (TPRM) lifecycle, identifying gaps in vendor security due diligence and ongoing monitoring. Define a tiered, risk-based methodology for assurance reviews, ensuring the rigor of the review matches the vendor's inherent risk to the organization. 3. Incident Response and Recovery Plan (IRRP) Validation Critically Review the current IRRP for clarity, compliance More ❯