To continuously improve the practices and policies that protect the value Ceres and our partners create, embodied in intellectual property and confidential information.
Ceres Power is a rapidly growing and changing organisation which is facing a number of challenges around information security. The foundation of the company is its technology research and development knowledge and protecting this intellectual property is crucial. This is becoming increasingly important as the business expands, becomes more visible, partners with external partners around the world and expands its own manufacturing base.
Ceres recently undertook a consultation exercise to create a view of the current situation around its information assets and the security risks associated with them. This report has identified a broad range of areas for improvement and the primary purpose of this role is to drive these improvements.
- Generate and implement policies and procedures that protect identified critical information.
- Maintain the organisation’s information security risk register.
- Agree plan of actions with senior management and department leads to address risks.
- Oversee the implementation of improvement activities.
- Execute improvement actions where suitable internal resource is not available.
- Develop a communication and education plan to raise the organisation’s understanding of security issues and their corrective actions.
- Liaise with the information security committee to provide status reporting and agree on Priorities.
- React to security breaches of all kinds. Manage the resolution, review and subsequent corrective actions.
- Demonstrated ability of influencing attitudes and behaviours to instigate change across a large number of people and roles.
- A proven understanding of the principle embedded in ISO 27001. Although we are not planning to be accredited soon we do wish to use this framework to direct our activities. A bonus would be experience of actual implementation.
- Ability to manage a diverse set of projects simultaneously involving employees across the whole organisation.
- Knowledge of IT infrastructure and processes that support information security, especially in an environment where sensitive information is shared with external partners.
- Experience in educating at all levels of an organisation to embed information security as a key every day function of the organisation.
NO AGENCIES PLEASE
Make Application Here