Essar Oil UK is a leading UK-focused downstream energy company whose main asset is the Stanlow Manufacturing Complex, one of the most advanced refineries in Europe and situated close to the major cities of Liverpool and Manchester. Stanlow is a key strategic national asset, annually producing over 16% of the UK’s road transport fuels, while playing an important part in Britain’s petrochemical industry by providing key feedstocks.
The business is a major supplier in the North West and beyond with customers including most of the major retail brands operated by international oil companies and supermarkets, Manchester Airport, leading commercial airlines and the region’s trains and buses.
The business covers crude and product trading, refinery operations, HSE implementation, maintenance support and technological services, together with marketing and retail activities. Our commitment to maintaining safe and healthy working conditions and following the best operating practices to protect the environment underpins everything we do.
We employ over 900 highly trained and loyal staff, who are at the heart of everything we do. The company has an embedded safety culture, technically challenging work across the different parts of the business and some of the best training available in the energy industry.
We currently have an exciting opportunity for an Information and Data Security expert to support both the CIO (Chief Information Officer) and the business achieve the highest standards of information and data security within Essar Oil UK.
The post holder will lead on the Company’s commitment to preserving the confidentiality, integrity and availability of all the physical & electronic information assets throughout the business. Therefore, will be responsible for ensuring compliance with GDPR.
In particular, the post holder will need to:
(a) Act as the Data Protection Officer for Essar Oil UK,
(b) Ensure the company complies with relevant legislation, regulations, codes of practice or technical guidance in all matters relating to security,
(c) Provide specialist advice for security on matters relating to data protection and IT security management, and
(d) Provide specialist training to all levels of staff within the organisation on all matters relating to IT and data security.
The post-holder will need to be aware of the bigger picture both within the business and understand the importance of Data Security management, including external drivers and standards [such as ISO 27001]. The post-holder will be responsible for keeping stakeholders informed on these issues and advising them of the best approach & opportunities.
Our ideal candidate should have a degree in a relevant subject or substantial senior technical experience, supported by previous experience of working within a senior position within a large organisation and operating with senior management on a regular basis. The post holder will require a high level of IT literacy and direct, demonstrable experience with data security applications, systems & solutions. As well as a solid understanding of legal compliance, how to reach the requirements and application of the Data Protection Act.
Additional requirements are as follows:
Experience of working to standards such as ISO 270001.
Information Technology & Infrastructure Library (ITIL) awareness of the latest developments as well as innovations in data security.
The ability to get things done without direct authority over a team. Good negotiating and influencing skills.
Ability to drive forward change effectively, using a flexible, consultative and supportive approach.
Ability to undertake research and development work to ensure that the organisation is up-to-date with the latest developments in data security management.
Experience of providing training and guidance around data security issues, from IT engineers to non-IT literate staff.