Plusnet is a Yorkshire-based ISP with a unique brand identity. It’s a fast-paced environment, yet our offices have a distinctly friendly and informal feel to them - we know that you can do great business without the suits. We believe in making a difference, teamwork and putting the customer first in everything that we do. It’s an approach that’s allowed us to keep delivering award-winning products and services for nearly 20 years!
Whatever your career ambitions, Plusnet is committed to giving you the skills and support that you need in order to achieve your goals; whether it’s training and development or just a breather over a game of table tennis or pool!
Of course there are lots of other reasons to work at Plusnet; we’ll support you through a wide range of “Plusnetter” perks including free staff broadband & phone packages, pension, bonus & shares scheme and numerous discounts on items such as cinema tickets, mobile tariffs, city parking, gym memberships and much more!
So, if you’re looking to think creatively, challenge yourself and make the decisions that matter - we’d love to hear from you!
About the job
A fantastic opportunity to join a dynamic Information Security team for someone with a passion for Information Assurance.
This is an interesting role for someone with an in-depth knowledge of information security, risk, compliance and governance combined with a sound understanding of technology and security controls.
Working alongside the Compliance and Risk specialists, you will report directly to the Assurance and GRC Lead and be primarily responsible for performing information security risk assessments of internal and external processes and applications and managing residual risks.
As an Information Assurance Specialist you will...
- Perform information security assessments on suppliers, vendors and partners.
- Work with suppliers, vendors and partners to manage and mitigate security risks and weaknesses
- Work with stakeholders across the business to improve the third party engagement processes
- Work with project teams providing information security advice, guidance and requirements
- Work with the Information Security team to continually evolve policies, processes and procedures
- Work with the Information Security Team to implement an Information Security framework aligned to ISO 27001
- Work with the Information Security Team to ensure we continue to meet PCI DSS compliance, General Conditions, GDPR and any other relevant legislative or compliance regimes.
- Input to reports on risk mitigation and remediation
- Promote Information Security awareness and incident reporting across the wider organisation
- Help manage security behaviours across customer agent centres
- Work with and support the Cyber Security team when required.
- Support the Assurance and GRC lead in meeting team objectives.
In order to apply you must...
- Good all-round knowledge and experience of Information Security, technical security controls and risk management
- Knowledge and experience of Information Assurance.
- Experience of working with 3rd party vendors, partners and suppliers around security controls, policy and risk
- Good understanding of various information security compliance standards, such as PCI-DSS, ISO 27001, GDPR, etc.
- Able to engage with stakeholders, the business, suppliers and partners at all levels.
- Good organisational and communication skills and a solid team player
- Ability to work in a dynamic and fast-paced environment
- Passionate about Information Security and a strong desire to work towards a formal qualification such as CISA, CISM or CISSP