Information Security Officer - Maximus

Description & Requirements

Be part of something great

Maximus is a global organisation that specialises in providing health and employment services to millions of people every year. Here in the UK we employ around 5,000 people across the country to deliver services that have a profound impact on people's lives. From assessments and health services to employability programmes and specialist support, we do work that matters with people who care.

The Information Security Officer is responsible for ensuring information security for an assigned area of Business / Project focusing on key areas of risk, outlined in the Information Security policy, under the direction of the Information Security management team. Responsible for oversight of the governance of information and data, ensuring compliance with all relevant statutory, contractual and company selected requirements.

• Implements the ISMS framework with a management reporting line to the VP, Information Security Management and Assurance.
• Supports audit and client engagements/enquiries, coordinates the collection, review and submission of Information Security deliverables and coordinate the remediation of audit concerns.
• Ensures the organisation's policies, processes and procedures are aligned with ISO27001.
• Ensures the alignment and awareness of MAXIMUS policies in the UK.
• Provides day-to-day advice on common information security issues.
• Coordinates, responds to, and investigates security and data protection incidents
• Devises and delivers Risk Assessments and maintains a resulting risk register.
• Conducts security impact assessments in support of new initiatives and system solutions
• Provides on-going security awareness training.
• Coordinates security accreditation and IT Health Check activities and provides progress reporting to internal and external stakeholders.
• Coordinates system and security audits conducted by internal and third-party auditors
• Takes an active role within UK wide Security forums and initiatives

Qualifications and/or Experience

Skills

• Experience working in healthcare organisations or with government agencies preferred.

• Extensive working knowledge of ISO27001.

• Experience implementing Cyber Essentials and Cyber Essentials Plus.

• Working knowledge of the Data Protection Act and GDPR requirements.

• CISSP/CISM is desirable.

Individual competencies

• Excellent communicator; with strong written, verbal and presenting skills.
• Aptitude for working both alone or collaboratively in a multi-disciplinary team with other stakeholders such as legal and compliance.
• Proven experience in similar governance or audit roles.
• Good analytical skills.
• Customer-focused approach
• This position requires working with colleagues at all levels, so the ability to articulate technical and regulatory concepts and experience of translating them into requirements to the board and technical implementers is highly desirable

Key Business Priorities

Internal

• Information Security Team members, Information Technology, Privacy, Quality, Compliance, Procurement and Key Project leaders

External

• Customers, Auditors and Regulators

EEO Statement

Maximus is committed to developing, maintaining and supporting a culture of diversity, equity and inclusion throughout the recruitment process. We know that feeling included has a dramatic impact on personal wellbeing and are working to ensure that no job applicant receives less favourable treatment due to any personal characteristic. Advertisements for posts will include sufficiently clear and accurate information to enable potential applicants to assess their own suitability for the post.

We are a Disability Confident Leader, thanks to our commitment to the recruitment, retention and career development of people with disabilities and long term conditions. The Disability Confident scheme includes a guaranteed interview for any applicant with a disability who meets the minimum requirements for a job. When you complete your job application you will find a question asking you if you would like to apply under the Disability Confident Guaranteed Interview Scheme. If you feel that you have a disability and apply under this scheme, providing that you meet the essential criteria for the job, you will then be invited for interview. YourGuaranteed Interview application will only be shared with the hiring manager and the local resourcing team. Where reasonable, Maximus will review and consider adjustments for those applicants who express a requirement for them during the recruitment process.

£

40,000.00

£

50,000.00