We are seeking a highly skilled Information Security Advisor to join our team at Robertson Group. As an integral part of our fast-paced IT team, you will advise and engage with the business on Information Security matters, with a customer-centric approach at the forefront of your ethos.

• Manage the Information Security Management System (ISMS) on a day-to-day basis, ensuring compliance with relevant standards and regulations.
• Assess data management plans, user safety, and security implementation, identifying and understanding threats and issues.
• Monitor systems and compliance, maintaining and improving user awareness and advising end-users on information security issues.
• Participate in Information, IT, and Cyber risk management, including risk assessments, risk register maintenance, and remediation action identification and documentation.
• Work with businesses and departments to understand key controls and processes, implementing IT, Information, and Cyber security policies, processes, and procedures.
• Maintain and continuously improve the culture of security awareness and practice throughout Robertson Group, with regular communication and refresher training for employees.
• Gain skills as an auditor and perform audits against standards such as PCI DSS, Cyber Essentials, ISO 27001, ISO 22301, and NIST 800 series.
• Carry out assigned audits, ensuring businesses are supported to complete assigned audit actions.
• Provide guidance on security requirements within Robertson as required.
• Administer the Robertson Information Security Management system, working with the Information Security Manager to ensure the ISMS suite of documentation is kept up to date.
• Carry out IT security incident identification, tracking, and reporting.
• Work across Robertson businesses to implement and improve the Information Security management system, ensuring compliance with all appropriate policies, procedures, and policies.
• Monitor information security compliance relating to all contractual responsibilities.
• Work with different Robertson businesses to ensure fully tested business continuity and disaster recovery processes and procedures are in place.
• Manage Information/IT security systems to ensure the safety of Robertson information and systems.
• Develop skills and knowledge of data protection requirements, compliance auditing, and processes such as Data Protection Impact Assessment, International Data Transfer Risk assessment, and Legitimate interest assessment.
• Carry out subject access requests and FOI requests with the Information Security Manager.
• Demonstrate continuous professional development and a willingness to learn new skills.

• Working towards becoming an information security professional.
• Experience in looking after structured documentation and ensuring it complies with a specific standard.
• Knowledge of ISO 27001.
• Skills and knowledge of risk assessment and risk management processes in Robertson.
• Knowledge and experience of data protection laws and associated regulations.
• Understanding of data classification and how to keep information secure.
• Ability to work to tight deadlines.
• Delivery-focused.

We are a business that thrives on achieving results that benefit people and communities, offering fantastic opportunities for career development. We value diversity and inclusion, creating an environment where everyone can feel welcome and be themselves.

We offer a wide range of rewards and benefits, including 33 days annual leave, a great pension, and valuable life assurance. We also have a brilliant smarter working policy, allowing many of our office-based people and some of our site-based people to work from home or as part of our hybrid model.