Information Security Officer

Location: Harrow, London
Salary: Up to £40,000 per annum
Job Type: Full-time
Working Pattern: Office-based

About the Role

We are seeking a proactive and detail-oriented Information Security Officer to join our team in Harrow. This is an excellent opportunity for someone with experience in information security, cyber risk, and compliance who is looking to play a key role in strengthening and maintaining a secure technology environment.

Reporting to senior leadership, the successful candidate will support the delivery of information security and cyber security initiatives across the organisation, including risk assessments, policy maintenance, security monitoring, audit support, incident management, and third-party risk reviews.

Key Responsibilities

• Support the delivery, documentation, and monitoring of information security and cyber security risk assessments for new and existing systems, technologies, and third-party vendors.
• Maintain risk registers, monitor identified vulnerabilities and threats, and track remediation and mitigation actions.
• Review and maintain information security and cyber security policies, procedures, and related documentation, ensuring timely updates and compliance.
• Coordinate and support security assessments such as vulnerability assessments, penetration testing, and related cyber security reviews.
• Work with internal IT/infrastructure teams to support implementation of security controls and secure configuration standards.
• Liaise with offshore teams and third-party providers on security, access, and risk-related matters where required.
• Assist with internal audits, external audits, and security assessments, helping to ensure compliance with regulatory and industry standards.
• Prepare risk assessment reports, management information, and key risk indicator dashboards.
• Support the management and resolution of information security incidents, ensuring timely escalation and closure.
• Contribute to improving the organisation's cyber security and information security maturity.
• Support governance activities, committee reporting, and security-related documentation.
• Assist in the development and delivery of security awareness and staff training initiatives.
• Review supplier and vendor security questionnaires and assess third-party security risks.
• Evaluate the effectiveness of internal security controls and recommend improvements where necessary.
• Undertake additional tasks and project work related to systems, security, and operational risk as required.

Skills and Experience Required

• Previous experience in information security, cyber security, or technology risk management.
• Good understanding of cyber security risk, security controls, and information security governance.
• Familiarity with risk management frameworks and security best practice.
• Working knowledge of networking concepts, operating systems, and cloud platforms.
• Experience supporting audits, risk reviews, or compliance activities.
• Strong Microsoft Office skills, particularly Excel for analysis and reporting.
• Ability to produce clear reports, dashboards, and security documentation.
• Experience of working with internal stakeholders, offshore teams, and third-party suppliers would be advantageous.

Qualifications

• CISSA qualification required
• CISM qualification required

Personal Attributes

• Strong analytical and problem-solving skills with excellent attention to detail.
• Confident communicator with the ability to explain technical risks to non-technical stakeholders.
• Organised and able to manage multiple tasks effectively under pressure.
• Self-motivated, adaptable, and willing to learn new systems, processes, and technologies.
• Able to work both independently and collaboratively as part of a wider team.
• Flexible approach to work, including occasional out-of-hours support where business needs require it.

What We Offer

• Salary of up to £40,000
• Opportunity to work in a growing and security-focused environment
• Exposure to a broad range of information security, cyber risk, and governance activities
• Supportive team environment with opportunities for professional development

If you have the relevant information security experience and qualifications and are looking for your next challenge in a hands-on security role, we would love to hear from you.