Information Security Advisor

In this exciting role, you'll provide Information Security expertise, advice and guidance for all routine YTL Utilities UK and Wessex Water business operations.
 
You'll help develop, buy, and deliver systems that are secure from the start, and support the upkeep of a strong information security management system.

This role offers a hybrid of office and home working (the option to work part of your week from home becomes available after completion of an initial training period). You will need to be located within a commutable distance from our Claverton Down, Bath office as being able to work collaboratively with our business stakeholders and project teams is key to this role.

What you'll do

• Act as the Information Security lead for complex projects, identify and introduce security requirements and ensure solutions align with YTL UK / Wessex Water security and data protection policies.
• Identify, assess and report risks for further consideration and management.
• Produce management reports that include the selection of appropriate metrics to accurately reflect information security risk status.
• Assess and report third-party and supply-chain security risks, including the adequacy of contractual provisions related to information security controls, and evaluate responses to third party security questionnaires.
• Provide informal and formal education and awareness opportunities to colleagues regarding security threats and vulnerabilities, information security policy and best practices.
• Assist in the development of secure procurement, DevSecOps and Secure Software Development Lifecycle (SSDL) processes and engage such processes when implementing new IT and security solutions.
• Maintain the operation of the ISMS, suggest and implement improvements to it and develop its security controls.
• Plan and deliver internal security audits; track and report achievement against recommendations for improvement.
• Support all aspects of Security team delivery, including SecOps, Physical Security, Data Protection and Business Resilience, contributing to security incident response and recovery as required.
• Identify obsolete policy, standards and procedures (and other absences of relevant guidance).
• Develop new information security policies, standards and procedures for company-wide adoption and support implementation, including education and awareness activities.
• As required, assist and mentor colleagues in cybersecurity techniques, processes and security best practices.

What you'll need

We are looking for you to have a passion for Information Security and to have experience of Security Assurance, Information Security Consultancy, Security Risk Management or related roles.

Experience in technical security roles such as architecture, development or operations, and experience managing security controls for Operational Technology are all highly desirable.

You will present clear experience and understanding of operations within a risk-driven framework and will be adept at articulating information security risk to determine priorities. 

You will be able to confidently explain to senior stakeholders why the maintenance of security controls is essential to support critical business functions and demonstrate practical knowledge of how to evaluate the strength and maturity of security controls with reference to business priorities.

It would be desirable to have one of the following industry certifications or qualifications:

• ISC2 CISSP
• ISACA CISM
• ISACA CISA
• ISACA CRISC
• Education to degree level (or equivalent) in a Computer Science, Maths, Science or IT Security related discipline(s).

Our Information Security Advisors support a challenging range of business operations on behalf of an engaged and supportive enterprise therefore, this role requires individual drive and flexibility within the role.

What you'll receive

• A combined pension contribution of up to 20%.
• Career progression and professional development opportunities.
• 25 days' holiday rising to 28 with length of service.
• The opportunity to buy up to ten days' holiday and sell up to five every year.
• A healthcare package that allows you to claim back healthcare costs.
• Life assurance of up to eight times your salary.
• A new electric car in exchange for part of your gross salary, subject to conditions.
• Cashback and discounts from more than 3,000 retailers.
• One paid volunteering day each year.
• Enhanced family leave and pay arrangements.
• An interactive health and wellbeing platform.
• Support from mental health first aiders.
• A £1,000 referral fee if you recommend someone to work for us.

Who we are

YTL UK is part of the international YTL Group based in Kuala Lumpur. The UK companies include:

• Wessex Water – one of the top-performing water and sewerage companies in England and Wales, serving 2.9 million people across the South West.
• YTL Developments – a major UK developer currently redeveloping a 350 acre former airfield into an award winning, exciting mix of houses, apartments, schools, commercial space, restaurants and hotels, to make a truly sustainable new community.
• YTL Construction UK – a top 20 UK contractor providing fully integrated services to infrastructure, residential, commercial, industry, energy and environmental sectors.
• YTL Arena – the development and operation of an entertainment complex that includes a 19,000 capacity arena, conferencing and exhibition space.
• Plus a number of other retail, environmental and specialist businesses.

Our people tell us that YTL UK is a great place to work, which is why so many of them stay with us! You will have a unique opportunity to develop and progress your career within such a diverse group.

We are passionate about diversity and inclusion – with that in mind, all applicants are welcome. We are delighted to have signed the Armed Forces Covenant and are a Disability Confident Employer.  

If you require reasonable adjustments to be made during the recruitment process, please inform a member of our Recruitment team.