Information Security GRC Officer Cardiff

Hays Specialist Recruitment

Information Security Officer – GRC Focused

Key Responsibilities

  • Develop IT risk frameworks and perform assessments.
  • Ensure regulatory compliance (e.g., GDPR, ISO 27001).
  • Maintain an Incident Response Plan and coordinate rapid incident resolution (e.g., cybersecurity breaches, data loss).
  • Establish a Vendor Risk Management program to assess third-party compliance.
  • Oversee security measures, incident responses, and network security enhancements, including Fortinet solutions.

Skills and Expertise

  • Experience in a similar role.
  • Strong knowledge of regulatory requirements (e.g., GDPR, ISO 27001, Data Protection Act 2018), including DPIAs.
  • Familiarity with frameworks such as Cyber Essentials or ISO 27005.
  • Proficiency with MS 365, Intune, VMware, and Fortinet technologies.
  • Certifications such as CRISC, CISA, CISM, ISO 27001 Lead Auditor (beneficial, not essential).

Job Facilities/Benefits

  • £50,000 – £60,000 annual salary
  • Hybrid working (3 days on-site in Cardiff, flexible)
  • 28 days annual leave + bank holidays
  • Industry-leading training
  • Employee Assistance Program (24/7 confidential helpline)
  • High street retail discount scheme
  • Staff benefits, wellbeing, and recognition platform
  • Free on-site parking
  • Friendly and supportive work environment

To apply for this job please visit www.hays.co.uk.

Posting date: 17 December 2024
Salary: £50,000 to £60,000 per year
Additional salary information: Up to £60K + Benefits
Hours: Full time
Closing date: 16 January 2025
Location: Cardiff, Cardiff, CF20 1AL
Company: Hays Specialist Recruitment
Job type: Permanent
Job reference: 4641276_1734453625