Policy Writer - Information Security

Brightred Resourcing Ltd
18 May 2017
17 Jun 2017
Contract Type
Full Time

Policy Writer - Information Security


London plus some Travel

Currently on the lookout for an Policy Writer - Information Security within the security and policy space, ideally seeking someone who is very much focussed around defining policies, and regulations, designing and implementing these within security standards. Ideally aN Information Security Lead who is very much focussed on the end to end compliance and governance in a regulated environment. My client are a global organisation within the digital media space; good communication skills needed, engaging and able to communicate with complex stakeholders.

Policy Writer - Information Security - Roles and Responsibilities

  • Management of the ISO 27001 aligned Information Security Policy Library, populating it with the full suite of information security policy documents (comprising Policies, Minimum Standards, Technical Standards, User Guidance and other supporting documents) and working in close collaboration with other 2nd Line of Defence (2LoD) teams
  • Establishing and managing an information security policy advice and guidance service to Technology and other technical teams.
  • Establishing and managing an information security assurance service to work in close collaboration with the other 2LoD teams to provide collective assurance over all aspects of risk management across the organisation
  • Measure and monitor risks and control action plans with stakeholders.

Policy Writer - Information Security - Essential requirements

  • Demonstrable experience of managing information security policies, standards and guidance
  • Significant experience in technology and information risk, assurance and / or audit

Policy Writer - Information Security - Desirable

  • CISM, CISA, CRISC, CISSP, ISACA CyberSecurity Fundamentals
  • FAIR, COBIT, RiskIT, or similar knowledge or experience
  • Sarbanes-Oxley (SOX) compliance activities or working in a regulated environment