Junior Information Security Officer

Junior Information Security Officer

Support the day-to-day coordination and administration of the Information Security Management System (ISMS). The role ensures that information security processes, records, and activities are well organised, documented, and communicated to stakeholders.

Key responsibilities

• Coordinate and maintain ISMS documentation, including the Risk Register, Information Asset Inventory, Third-Party Inventory, and logs of incidents, corrective actions, and improvements.
• Support the scheduling, tracking, and reporting of information security tasks in the security calendar.

• Assist with preparing materials, recording minutes, and following up on actions from the Security Steering Committee and other ISMS meetings.
• Organise internal and external audit activities, ensuring stakeholders are informed, records are ready, and outcomes are tracked.
• Contribute to the rollout of security awareness and training initiatives.
• Assist with compiling evidence and reports to demonstrate compliance with information security requirements.
• Provide administrative support for security metrics and incident reporting and follow-up.
• Monitor task progress and support project coordination across teams.
• Maintain version control and timely updates of ISMS documents and registers.

Core competencies, skills and experience

• At least 1 year experience working in information security, audit and risk management.
• Strong organisational and planning skills, with the ability to manage multiple tasks and priorities.
• Clear and confident communicator, both written and verbal.
• Strong teamwork and collaboration, with the ability to work across technical and business teams.
• Proactive, with initiative to follow up, chase actions, and ensure deadlines are met.
• Good attention to detail and accuracy in record-keeping and documentation.
• Ability to coordinate small projects and track progress effectively.
• Comfortable using common productivity and collaboration tools.
• An interest in developing knowledge of information security standards such as ISO27001.
• Previous exposure to administration, coordination, or compliance roles is an advantage.