At a Glance
- Tasks: Provide expert guidance on information security and risk management while ensuring compliance with national standards.
- Company: Join a leading organisation focused on safeguarding information and enhancing security practices.
- Benefits: Enjoy a permanent role with opportunities for professional development and collaboration with key stakeholders.
- Other info: Regular travel may be needed across operational areas; ideal for those passionate about security and compliance.
- Why this job: Make a real impact in the field of information security while working in a dynamic and supportive environment.
- Qualifications: A Levels or equivalent, plus recognised qualifications in information security or data protection required.
The predicted salary is between £36,000 and £60,000 per year.
Location: Warwickshire, United Kingdom
Job Category: Information Technology
EU work permit required: Yes
Job Reference: BBBH75954_1745571910
Posted: 25.04.2025
Expiry Date: 09.06.2025
JOB PURPOSE: To provide expert guidance and specialist advice on all aspects of information assurance, security, and risk management. The role ensures the development and implementation of relevant policies, procedures, and processes necessary for compliance with national standards and codes of connection for information systems. This role includes maintaining the Information Security Incident Register, coordinating investigations into reported incidents, and recommending corrective measures to prevent recurrence. The postholder will also undertake onsite audits of facilities and assessments of third-party suppliers to ensure compliance with expected security and assurance standards. Additionally, the role supports departments with completing Data Protection Impact Assessments and offers professional advice on information assurance and security-related matters.
MAIN RESPONSIBILITIES:
- Support the Information Security and Assurance programme to ensure assurance and compliance processes meet national standards and reporting requirements (e.g. SyAP).
- Develop, review, and implement policies and best practices for managing information and cyber security, in alignment with organisational needs.
- Establish and apply techniques to regularly assess compliance of information assets with legal, regulatory, and best practice requirements.
- Serve as a point of contact for queries on information security and assurance.
- Plan and conduct information security audits and compliance checks, ensuring the security of systems, data, and physical assets across the organisation and third-party entities.
- Identify and assess security requirements, producing Risk Assessment Reports and reviewing related documentation for new or evolving systems, assets, and processes.
- Coordinate the investigation and reporting of information security incidents, ensuring appropriate remedial action is taken and trends are monitored.
- Prepare and deliver training, education, and awareness sessions related to information security, assurance, and risk management.
- Work collaboratively with key internal and external stakeholders—including third-party suppliers—ensuring best practices and compliance with relevant legislation and standards.
- Stay informed on developments in legislation, practices, and tools related to information security and data protection, fostering continuous improvement and innovation.
- Represent the organisation in internal and external meetings, promoting information security standards and contributing to relevant partnerships and working groups.
- Perform other duties as appropriate to the nature and level of the role. Regular travel across operational areas may be required.
PERSON SPECIFICATION
Knowledge:
- A Levels or equivalent.
- Recognised qualification in information security, data protection, or risk (e.g. CISM, CISSP, CRISC, BCS DPO, etc.).
- In-depth understanding of ISO 27001, NIST, or other relevant security frameworks.
- Up-to-date knowledge of data protection legislation and associated best practices.
- Understanding of cross-functional areas affecting security (e.g. HR, procurement, tech infrastructure).
- Familiarity with principles of information confidentiality, integrity, and availability.
Experience:
- Operational delivery of security assurance in a multi-site environment.
- Managing compliance with standards like PSN or SyAP.
- Developing and enforcing information security and assurance policies.
- Performing internal audits and managing accreditation processes.
- Facilitating high-level stakeholder engagement.
- Collaborating with external agencies and partners on security issues.
Key Skills:
- Ability to manage workloads, meet deadlines, and adapt to changing priorities.
- Strong communication and interpersonal skills for influencing and explaining complex topics.
- Discretion and professionalism when handling sensitive information.
- Capability to work independently on complex investigations.
Information Security and Assurance Advisor employer: Concept Information Technology
Contact Detail:
Concept Information Technology Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Security and Assurance Advisor role
✨Tip Number 1
Familiarise yourself with the latest information security frameworks like ISO 27001 and NIST. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and commitment to the role.
✨Tip Number 2
Network with professionals in the information security field, especially those who have experience in compliance and risk management. Engaging with them can provide insights into the role and may even lead to referrals.
✨Tip Number 3
Stay updated on current data protection legislation and best practices. Showing that you are proactive about continuous learning can set you apart from other candidates.
✨Tip Number 4
Prepare to discuss real-life scenarios where you've successfully managed security incidents or audits. Concrete examples will help illustrate your problem-solving skills and experience in the field.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience and qualifications that align with the job description. Emphasise your knowledge of information security frameworks like ISO 27001 and any recognised certifications you hold.
Craft a Strong Cover Letter: In your cover letter, express your passion for information security and assurance. Mention specific experiences where you've successfully managed compliance or conducted audits, and how these relate to the responsibilities outlined in the job description.
Showcase Relevant Skills: Clearly outline your key skills in your application, such as your ability to manage workloads, communicate complex topics effectively, and handle sensitive information with discretion. Use examples to demonstrate these skills in action.
Proofread Your Application: Before submitting, carefully proofread your application for any spelling or grammatical errors. A polished application reflects professionalism and attention to detail, which are crucial in the field of information security.
How to prepare for a job interview at Concept Information Technology
✨Know Your Frameworks
Familiarise yourself with ISO 27001, NIST, and other relevant security frameworks. Be prepared to discuss how these frameworks apply to the role and how you've used them in past experiences.
✨Demonstrate Incident Management Skills
Prepare examples of how you've handled information security incidents in the past. Highlight your ability to coordinate investigations and implement corrective measures effectively.
✨Showcase Your Communication Skills
Since this role involves liaising with various stakeholders, practice explaining complex security concepts in simple terms. This will demonstrate your strong communication skills and ability to influence others.
✨Stay Updated on Legislation
Research recent developments in data protection legislation and best practices. Being knowledgeable about current trends will show your commitment to continuous improvement and innovation in the field.