
IS&T Security and Compliance Manager

Please Note: The application deadline for this job has now passed.

Job Introduction

We are currently recruiting for a new role within the IS&T team: a Security and Compliance Manager. Reporting directly into the Director of Enterprise Architecture, you will be responsible for the management of information security and process compliance within Sodexo UK and ROI, providing leadership, advice, support and guidance to all levels of the organisation. You will manage compliance activities around accreditation and external bodies and be the point of contact for internal and external audits (ISO27001; ISO22301; PCI-DSS; GDPR).

You will currently be a Security and Compliance subject matter expert with knowledge and/or experience in ISO27001; ISO22301; PCI-DSS; GDPR. This role offers a very competitive salary, bonus and excellent benefits package with the ability to take up to 33 days holiday a year.

Role Responsibility

  • To ensure, through proactive and reactive tasks, that information security risks to the business are mitigated, and where possible reduced, by continual improvement of the Sodexo UK and ROI Information Security Management System.
  • To be the point of contact within IS&T for external and Sodexo Group audits and overall co-ordination and management of audit action plans
  • Be a recognised subject matter expert for ISO27001, GDPR and PCI-DSS accreditation
  • Develop, implement and maintain information security policies, standards, guidelines and procedures, ensuring on-going achievement of information security objectives based on industry best practice.
  • Develop, implement and maintain information assurance accreditations in line with business strategy, global standards and policies, and the requirements of audit bodies and clients
  • Create information security documentation in accordance with appropriate standards
  • Deliver legislative update training programmes and raise awareness of information security, using a variety of communication methods
  • Conduct audits of IT systems and processes and produce management audit reports and KPIs that highlight the level of compliance and the issues that require action.
  • Complete project security risk assessments as required
  • Identify, implement and promote relevant IS&T process improvements, using KPIs to demonstrate process compliance and delivery of benefits.

The Ideal Candidate

  • Understanding/expertise of: ISO27001; ISO22301; PCI-DSS; GDPR
  • You will currently be working as a compliance and information security subject matter expert and act as a champion for compliance and information security best practice.
  • You will be able to articulate the link between information security, risk management, compliance and tangible business advantage.
  • Excellent communication & influencing skills
  • Customer-focused, acting as an ambassador with all information security and compliance stakeholders and able to engage with internal and external customers, in both the public and private sector.
  • Ability to work collaboratively, as well as develop, coach and mentor other colleagues and team members
  • Ability to act as Lead to a number of resources providing information assurance capability into a project or programme
  • Knowledge and understanding of the characteristics, vulnerabilities and risks relating to IT infrastructure
  • Possess or be able to obtain UK Security Clearance to SC level or equivalent level as defined by HMG.

About the Company

In the UK and Ireland, Sodexo employs some 35,000 employees to deliver integrated facilities management services to clients at over 2,000 locations in the corporate, healthcare, education, leisure, defence and justice sectors. With an annual turnover of over £1bn, we provide everything from catering, cleaning and reception to security, laboratory and grounds maintenance services, enabling our clients to focus on their core business.

Sodexo and our clients are committed to safeguarding and promoting the welfare of children and adults within a regulated activity. Certain roles will require applicants to undergo screening appropriate to the post, including checks with past employers and the Disclosure and Barring Service (DBS) and/or Disclosure Scotland.
