Information Security Engineer

Oxford, UK

The Role

The successful candidate will have a keen interest in information security and will be able to adapt and learn on the job. You will work with a rapidly evolving team involved in delivering the organisational information security programme, which can include elements of audit, training, process and policy development, as well as incident response and risk management. You will engage with stakeholders to provide information security and risk management support in the Product and Project Management lifecycle, as well as ad hoc support. The information security team works closely with the Quality and Regulatory Affairs groups, IT, Legal, and Software Engineering departments.


  • Perform internal audits
  • Conduct staff training on information security management concepts and tools
  • Monitor and respond to information security incidents and support requests as required
  • Establish and maintain Perspectum's information security documentation
  • Act as initial point of contact for information security guidance and support
  • Apply effective data management/retention techniques
  • Participate in external audits
  • Identify and coordinate investigations arising from information security incidents and issues
  • Help the business understand information security risks
  • Ensure company information security policies, processes, and procedures are conformant to applicable standards and ISO regulations
  • Communicate and roll out improved/new processes and procedures to wider business and external stakeholders
  • Utilise effective root cause analysis tools/problem solving methodology
  • Support information security agreements and conduct 3rd party supplier evaluations/audits
  • Work with department managers to review requirements and reduce risk
  • Work with department managers to ensure best practice and drive continuous improvements
  • Maintain the ISO 27001 certification
  • Implement the NIST Cybersecurity Framework
  • Ensure implementation of corrective action
  • Plan and report on the internal audit program to meet yearly scheduled forecasts and perform ad hoc audits, if deemed necessary
  • Coordinate responses to security incidents

Skills and Requirements: Essential

  • Excellent written and spoken communication skills
  • Excellent attention to detail
  • Ability to work independently and as part of a team
  • Excellent analytical and problem solving skills
  • Effective time management - working to deadlines
  • Experience working with Information Security Management Systems and Processes
  • Experience with continuous improvement techniques
  • Experience acting in an information security or governance role

Skills and Requirements: Desirable

  • Experience working in an IT related role
  • Experience within Medical Device/Pharma/Clinical Industry
  • Acted as lead auditor during internal audits
  • Experience with supplier management - supplier approval visits/process audits
  • Experience leading teams and a 'hands-on' approach
  • Experience leading information security and risk management programme
  • Experience in working with personal and financial data
  • Experience of Information Security standards, ISO 27001, NIST CSF
  • Understanding of GDPR, DPA 2018, PCI DSS, SOX
  • Understanding of CE marking and FDA requirements
  • Educated to degree level
  • Internal Auditor ISO 27001
  • Information Security or Information Risk Management related certification

Interested in this position?

We are always looking for brilliant people to join us here at Perspectum Diagnostics.
