Information Security Compliance Officer
We are looking for someone who has experience in risk assessments, audit and compliance, audit assurance and 3rd party risk management to join us at Next in our Compliance team as an Information Security Compliance Officer for up to 9 months.
This is a brilliant opportunity to join us in a fast-paced, fun but hard-working team. We can offer a hybrid working approach with 3 days in the office and 2 days working remotely.
About the role:
- Ensuring Information Security requirements applicable to Next are understood and under management within the Compliance Framework.
- Ensuring that developments to the Information Security framework (ISO27001) are effectively communicated within the team in a timely manner and assisting in communication to key business stakeholders.
- Developing and advising on the implementation of Information Security policies and standards across the Next business.
- Informing and providing advice to the business and its employees about their responsibilities in regards to PCI-DSS and other security related frameworks (ISO27001) and controls (CIS).
- Providing advice to key stakeholders on key Information Security compliance matters and their application within Next.
- Providing risk based advice on Information Security Third Party Risk across the Next Estate.
- Providing advice to IT infrastructure and eCommerce staff in relation to security architecture and design.
- Assisting in developing and delivering risk based Information Security compliance awareness training company wide; tailored to the audience.
Monitoring and Assurance
- Informing and advising on high risk areas to the Compliance Monitoring Manager to ensure appropriate risk based coverage of their Monitoring plan.
- Assisting the Compliance Monitoring Manager in the remediation of material compliance findings.
- Ensuring the information security risk landscape is understood and appropriately documented to facilitate effective management.
- Facilitation of regular risk assessment to inform senior leadership on information security risk exposure.
- Management, maintenance and presentation of key compliance critical to quality measures to all relevant stakeholders.
- Knowledge of ISO27001, CIS and NIST frameworks, and experience of working in Information Security compliance roles.
- Ability to work in a fast paced, challenging, dynamic and demanding environment with changing priorities.
- Ability to practically apply an approach to compliance in a form and style that is appropriate to the business.
- Excellent written and oral communication skills with the ability to explain complex issues to those that are not Information Security professionals.
- Ability to plan and prioritise workloads whilst working to strict deadlines.
- Strategic thinker with analytical and problem solving abilities.
- Ability to constructively challenge and question stakeholders on their approach to Information Security compliance.
- Bonus Scheme
- Pension Scheme
- ShareSave Scheme
- Life Assurance
- Staff Discount
- On-site Nursery
You know Next, but did you know we’re a FTSE-100 retail company employing over 43,000 people across the UK and Ireland? We’re the UK’s 2nd largest fashion retailer and for Kidswear we’re the market leader. At the last count we have over 540 stores, plus Next Online, and it’s now possible to buy online from over 70 countries around the world! So we’ve gone global!
For further information, and to apply, please visit our website via the “Apply” button below.