Ver1 -TJ

Job Role: Security Compliance & Audit Officer
Department: IT
Supported by: IT Security, Risk & Compliance Manager

Job Purpose

To provide a highly responsive and customer-focussed service offering security-based advice. The role holder will act to safeguard EUI Ltd, its customers, assets and the interests of the business stakeholders by mitigating IT-related risks and promoting best practice.

Main Duties

The IT Security Compliance & Audit Officer will be responsible for reviewing all changes to legislation (DP, FCA, ICO, PCI, SOX) and how they will impact our current services, solutions and processes. They will review and audit all systems, access, controls and rules, looking to align with best practice and making the necessary changes required. They will work closely with the business to offer help and support for all new technologies, services, solutions and regulatory changes.

Other duties include:

  • To set and maintain the Security policies for the Admiral Group, ensuring all policies are kept up to date and in line with business and regulatory developments.
  • Identify and implement processes and procedures, and ensure best practice, to safeguard the EUI technological estate.
  • To aid in the creation of, and adherence to, Security strategy.
  • Maintaining security documents in line with current security frameworks.
  • To facilitate Security Awareness training to the business on an annual basis.
  • To proactively promote Security Awareness across the business.

This is not a full definition of the role but covers the main aspects and drivers for success.

Behavioural Competencies

Decision Making

  • Ensure decisions are objectively justified.
  • Understanding of the impact of decisions for the business.

Dedication

  • Show passion for your work and a commitment to succeed.
  • Keep up to date with the latest legislation and regulations that apply to the department.

Communication

  • Ensure that all communication is clear and appropriate for its intended audience.
  • Able to communicate with employees of all levels, including senior management.
  • High standard of both verbal and written communication skills.

Team Work

  • Be readily available to help support the team and the business.
  • Develop and manage relationships with customers, partners and suppliers to deliver maximum value to the business.

Solutions Driven

  • Approach problems in an open but analytical way.
  • Focus on providing solutions to problems.

Challenging

  • Be prepared to challenge the status quo and make suggestions for improvement.
  • Be willing to voice an opinion on all matters whilst being receptive to feedback.

Motivation

  • Demonstrate self-motivation and self-discipline with timekeeping and attendance.
  • Take a proactive approach to dealing with work and duties.

Experience and Qualifications Required

Desirable:

  • Experience of working in a customer facing support department.
  • To be CISA certified.
  • Experience in using the following technologies:
      • Active Directory
      • Microsoft Exchange Server and Windows platform
      • Bluecoat or similar
      • Linux platform
      • iSeries

Essential:

  • Experience of auditing systems.
  • Previous experience of setting IT policies.
  • Excellent communication skills, both written and verbal.
  • Able to conduct internal reviews and analysis using a best practice approach.
  • Demonstrable project management skills.
  • Awareness of PCI DSS and other relevant regulatory standards.

Security Governance Officer | IT | July 2013