Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to ensure IT projects meet security standards and manage security assessments.
- Company: We're a leading Utilities organization in Wales, committed to enhancing information security.
- Benefits: Enjoy hybrid work, competitive salary, annual bonuses, and a generous pension contribution.
- Why this job: Be part of a dynamic team improving security posture while working on exciting IT projects.
- Qualifications: Passion for security, cloud knowledge, and experience with Azure are essential.
- Other info: Flexible work schedule with opportunities for career growth and development.
Information Security OfficerPermanent – 42k to 45k + potential bonus and benefitsLocation: Hybrid – Newport
Your new company
A leading Utilities organisation in Wales are currently looking for additional Information Security Officers, to come in and complement the existing team. You will ensure IT projects adhere to security policies, secure architecture principals and conform to regulatory cyber assessment frameworks.
Your new role
- Support the activities associated with Information Security on all non-CAF based IT projects.
- Deliver the relevant security artifact requirements for each IT Project quality gate.
- Document and log security assessments and penetration testing where required. This will also include arranging penetration test engagements and code reviews for in flight and new projects.
- Work closely with Security Operations to ensure the SecOps team are made aware of any defects, failed controls or risks identified.
- Assist where required in any unplanned ad hoc information security duties.
What you’ll need to succeed
- Passion for information security with energy and a drive to improve information security posture.
- A good understanding of cloud concepts, particularly hybrid cloud. Experience with public cloud technology and Microsoft Azure is essential.
- Understanding of project management methodologies (Waterfall, Agile, PRINCE2) is necessary.
- Knowledge of leading endpoint detection and threat management products.
- Knowledge of network security, particularly around networking behaviour analytics and NAC.
- Strong commercial acumen and vendor management. The ability to understand and translate between technical and business language where necessary.
- Strong knowledge of information security control and compliance standards such as the NCSC CAF, ISO27002, IEC17789, CIS CSC and NIST CSF
- A good understanding of Microsoft Defender products and Microsoft Sentinel would be advantageous.
What you’ll get in return
This role is hybrid, on a 50/50 basis. This would usually equate to 2 days in the office one week, 3 days in the office the next.
- 41.5k- 45k initially, with yearly increments/pay rises
- 25-day holiday plus bank holidays
- Annual bonus based on personal and company performance
- Your 5% pension contribution will be doubled by the company, meaning 15% of your annual salary will be put into the pension pot (with you only contributing 5%)
- And more!
What you need to do now
If you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV.
If this job isn’t quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at (url removed)
Information Security Officer employer: Hays Technology
Contact Detail:
Hays Technology Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Officer
✨Tip Number 1
Make sure to showcase your passion for information security during the interview. Share specific examples of how you've improved security postures in previous roles or projects, as this will resonate well with the hiring team.
✨Tip Number 2
Familiarize yourself with the specific cloud technologies mentioned in the job description, especially Microsoft Azure. Being able to discuss your experience with these technologies will demonstrate your fit for the role.
✨Tip Number 3
Prepare to discuss your understanding of project management methodologies like Agile and PRINCE2. Highlight any relevant experiences where you successfully integrated security measures into IT projects using these methodologies.
✨Tip Number 4
Research the latest trends in information security, particularly around endpoint detection and threat management products. Being knowledgeable about current tools and practices will show that you're proactive and engaged in the field.
We think you need these skills to ace Information Security Officer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in information security, particularly with cloud technologies and project management methodologies. Use keywords from the job description to demonstrate your fit for the role.
Craft a Strong Cover Letter: Write a cover letter that showcases your passion for information security and your understanding of the required technologies. Mention specific experiences that align with the responsibilities outlined in the job description.
Highlight Relevant Certifications: If you have any certifications related to information security, such as CISSP, CISM, or specific cloud certifications, be sure to include them in your application. This can set you apart from other candidates.
Showcase Communication Skills: Since the role requires translating technical language into business terms, provide examples in your application of how you've successfully communicated complex information to non-technical stakeholders.
How to prepare for a job interview at Hays Technology
✨Show Your Passion for Information Security
Make sure to express your enthusiasm for information security during the interview. Share specific examples of how you've improved security postures in previous roles or projects, as this will demonstrate your commitment and energy for the field.
✨Demonstrate Your Technical Knowledge
Be prepared to discuss your understanding of cloud concepts, especially hybrid cloud environments. Highlight your experience with Microsoft Azure and any relevant public cloud technologies, as this is essential for the role.
✨Familiarize Yourself with Project Management Methodologies
Since knowledge of project management methodologies like Waterfall, Agile, and PRINCE2 is necessary, be ready to discuss how you've applied these methodologies in past projects. This will show that you can effectively manage security within various project frameworks.
✨Understand Compliance Standards
Brush up on your knowledge of information security control and compliance standards such as NCSC CAF, ISO27002, and NIST CSF. Be prepared to explain how you've implemented or adhered to these standards in your previous work.
