Apply Recruitment

About the Company

Apply Recruitment provide seamless IT recruitment support to businesses and individuals across the UK. We are a team of experienced technology recruiters who have high quality networks, extensive market knowledge and outstanding reputations with our customers.

We offer a range of technology recruitment services, from permanent candidate placements, interim technology support, executive leadership, IT team building services and digital transformation strategy. Whatever your challenge we will deliver first time, every time.

Listed Jobs

Company Name

Apply Recruitment

Job Title

Information Security Officer

Job Description

**Job Title:** Information Security Officer – Supply Chain & Procurement **Role Summary:** Lead the organization’s third‑party and supply‑chain cyber risk program. Act as the primary advisor to business units and procurement teams on security compliance, risk assessment, and mitigation for suppliers supporting critical national infrastructure. Chair the Supply Chain Risk Management Forum and collaborate with the Information Security Manager to embed security controls throughout the supplier lifecycle. **Expectations:** - Minimum 3 years experience as an Information Security Officer or in a comparable security role. - Proven experience managing security in third‑party, supply‑chain, or procurement environments. - Ability to influence senior stakeholders, drive forum discussions, and shape a growing security function. - Strong knowledge of relevant legislation (e.g., GDPR, NIS) and security frameworks. - Demonstrated analytical and communication skills for risk reporting and advisory duties. **Key Responsibilities:** - Build and maintain relationships with internal business functions and external suppliers. - Chair and facilitate the Supply Chain Risk Management Forum. - Conduct security risk assessments of current and prospective suppliers; provide realistic threat overviews. - Advise on and monitor compliance with cyber‑security policies, standards, and legal requirements. - Support RFI/RFP processes, audits, and project teams with a security lens for new and existing suppliers. - Maintain the cyber‑security compliance schedule and coordinate with compliance managers. - Interpret and apply security policies, procedures, standards, and guidelines across the supply‑chain domain. - Mentor and potentially lead a small team (2‑3 members) as the function expands. **Required Skills:** - Third‑party and supply‑chain risk management expertise. - Familiarity with procurement processes and supplier governance. - Knowledge of GDPR, NIS Regulations, and related data protection laws. - Experience with security frameworks such as NCSC CAF, NIST, ISO 27001/27002, CIS Controls. - Strong analytical, reporting, and presentation abilities. - Effective stakeholder engagement and facilitation skills. - Ability to interpret and apply security policies and standards. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field (or equivalent experience). - Professional certifications (preferred): CRISC, CISM, CompTIA Security+, CISSP, or equivalent. - Certifications are valued but real‑world experience in third‑party security is essential.

Lancashire, United kingdom

Hybrid

Junior

04-10-2025