An established and fast growing international organisation within the entertainment sector is seeking an Information Security Officer to support its Group Governance Risk and Compliance function. This is an excellent opportunity for a security professional with a strong interest in governance, risk management, and compliance to play a key role in maintaining and strengthening the organisation’s security posture.

Location: London
Salary: Competitive
Contract: Full time Contract initial 6 months
Work pattern: Office based with some UK and European travel

Reporting into the GRC Lead, the Information Security Officer will work closely with technology, development, and operational teams to support regulatory compliance, risk assessments, security documentation, and audit readiness across the business.

Key Responsibilities

1. Support the ongoing development and operation of the organisation’s governance risk and compliance framework
2. Assist with regular information security and risk assessments
3. Maintain and update security policies, standards, procedures, and control documentation
4. Support compliance with regulatory and industry frameworks including GDPR ISO27001 PCI and CIS
5. Prepare evidence and documentation for internal and third party audits
6. Support incident response activities and wider cybersecurity initiatives
7. Act as a liaison between technical teams and the wider business on security and compliance matters
8. Contribute to the delivery of security awareness and compliance training
9. Monitor regulatory and security landscape changes and support policy updates
10. Provide support and insight to senior stakeholders on GRC related topics

Skills and Experience Required

1. 2 to 3 years experience in information security GRC risk management or compliance focused roles
2. Strong understanding of governance risk and compliance principles
3. Knowledge of security frameworks and regulatory requirements such as ISO27001 GDPR PCI and CIS
4. Awareness of technical security concepts including threats attack patterns malware SIEM and EDR
5. Experience supporting risk assessments audits or vulnerability management activities
6. Strong written and verbal communication skills
7. Ability to manage multiple priorities and work independently
8. High attention to detail with strong analytical skills

Desirable Qualifications

1. Degree in Information Security Risk Management or a related discipline or equivalent experience
2. Certifications such as Security Plus ISO27001 Foundation or Practitioner CRISC or similar

Benefits

1. 25 days holiday plus bank holidays
2. Opportunity to work within a dynamic international environment
3. Exposure to a broad group level security and compliance programme