Cyber Security QMS Controller
Our client, an engineering business who design and supply products for the transport industry, are looking to recruit a Cyber Security QMS Controller to take the lead and work with the Quality Manager to improve their Quality Management Systems.
The position of Cyber Security QMS Controller will have specific responsibility for writing the procedures for the management of Quality and Information Security to meet ISO 27001 (Cyber Security) to achieve third party certification.
After that, the position will support the business systems processes and procedures within their existing Quality Management Systems.
It is essential that the successful candidate is able to drive, as the position will require travel to other sites within the North West, and has exceptional IT awareness, specifically around Cyber Security, with a keen interest in Information Technology Security.
Key Duties for the position of Cyber Security QMS Controller:
- To take ownership and lead the development of the Information Security Management system. Creating and implementing information security and data protection procedures and policies. Maintaining documentation and records as required to ensure the successful operation of the Information Security Management System.
- To support the enforcement of all security policies and processes to ensure continued legal, regulatory and contractual compliance.
- To support the management of information security incidents and breaches; escalate, investigate, and deliver on solutions as required.
- To support and/or undertake audits as required on technical and non-technical systems, services or processes.
- To support the management of information security risks and risk register updates.
- To support and work with other areas of the business to achieve information security objectives as required, including consultation, advice, assessment, recommendations, reviews or escalations.
- The generation of security information, guidance and training, including working with colleagues to produce this information.
- The successful candidate will initially support the Quality, Safety and Environmental Manager with the development and implementation of the Information Security Management System for the business. The current system shall be improved to be compliant with ISO 27001 and shall be developed to facilitate the company achieving 3rd party certification.
- This role will require the individual to take on and lead a number of technical and non-technical tasks associated with the production of internal procedures for the management of quality and information security (specifically ISO 27001). Therefore a good understanding of information security and of implementing or operating 'Management Systems' to meet similar requirements is beneficial.
- The role will then develop to manage and develop the present ISO 9001:2015 Quality Management System and ISO 27001 information security system to ensure outputs meet external user requirements and to focus upon internal processes in order to continually improve outputs.
Required Attributes for the role of Cyber Security QMS Controller:
- Excellent written/verbal communication and organisational skills, reporting and procedure writing abilities. You will be expected to be able to lead and successfully implement a set of policies for information security in accordance with ISO 27001:2013.
- Experience of managing small projects within an IT environment would be beneficial. The ability to understand security principles and best practices such as Cyber Essentials and international standards such as ISO 27001 would be highly beneficial.
- The successful candidate is likely to be from an IT background or have a degree in a relevant technical subject. Applications from candidates of all experience levels are encouraged. The role requires the individual to be self-motivated and in the first instance willing to take responsibility for the ISO 27001 compliance project. An interest in IT security is therefore a pre-requisite for the role.
- Must have excellent written communication, verbal communication and organisational skills
- Can demonstrate ability to plan and organise own workload with good results
- Good procedure / report writing skills are required
- The ability to write and successfully implement a set of policies for information security in accordance with ISO 27001:2013
- Experience of managing small projects within an IT environment would be beneficial
- The ability to understand security principles and best practices such as Cyber Essentials and international standards such as ISO 27001 would be highly beneficial
- Initiative and enterprise
- Critical and analytical thinking
- Ability to apply discipline, knowledge and concepts
- Information gathering, evaluation and synthesis
- Good working knowledge of Microsoft Office
- Driving Licence is essential