Information Security Officer

London, ENG, GB, United Kingdom

Job Description

Change your job, change your workplace, change your future...


Ricoh are currently recruiting for an Information Security Officer based in London who will be accountable for the development, implementation, and continuous improvement of the Information Security Management System (ISMS) at Ricoh Europe PLC. The role exists to protect the confidentiality, integrity, and availability of corporate information assets, and to ensure the organisation's alignment with ISO/IEC 27001 standards and applicable regulatory requirements.



Ricoh transforms organisations, using innovative technologies and services enabling you as an individual to work smarter. This is what we call "empowering digital workplaces".




In fact the entire Ricoh workforce enjoys our pioneering and innovative ways of working. We like to call it: imagine. change., it's the ethos of our brand and how we drive positive change for ourselves and others. Our teams are embracing change, fostering new ways of working and we have never been more resolute in our mission - "you work for us, and we'll work for you".


What you will be doing


  • Audit & Compliance Experience: Conducting internal audits and working with external auditors.
  • Policy Development: Drafting and enforcing security policy, standards and procedures.
  • Incident Response Knowledge: Leading or coordinating responses to security breaches or events.
  • Lead the maintenance, development, and enhancement of the ISMS to ensure continued ISO/IEC 27001
  • Conduct regular internal audits and risk assessments, ensuring timely remediation of any identified vulnerabilities or non-conformities.
  • Establish and enforce information security policies, standards, and controls across the organisation.
  • Act as the central authority and subject matter expert on information security within Ricoh Europe PLC.
  • Monitor the threat landscape and coordinate incident response planning, including investigation, mitigation, and communication of security incidents.
  • Oversee the security assurance programme, including third-party risk management and vendor assessments.
  • Collaborate with IT, legal, HR, and business teams to integrate security principles into operational processes and projects.
  • Promote a strong culture of security awareness through training and awareness campaigns and quarterly Phishing Simulations.
  • Provide reporting on ISMS performance, risks, and assurance activities to senior stakeholders and auditors.
  • Demonstrate a deep understanding of information security standards and management systems, particularly ISO/IEC 27001, and the ability to operationalise policies, manage risks, and ensure compliance within a complex enterprise setting.
  • Perform risk assessments and track risk treatment plans.
  • Prepare documentation and evidence for ISO 27001 audits.
  • Demonstrate experience with data protection principles and delivering privacy impact assessments Process and Policy Level and design and implement security controls in line with policy requirements.
  • Develop and maintain the ISMS manual and associated procedures.
  • Align security strategies with business continuity and data protection programmes.
  • Interpret IT governance and control frameworks such as: ITGC, NIST, COBIT, CSTAR, ITIL, and other standards to shape policy and monitor conformance.
  • Analyse threat intelligence and risk trends to anticipate and prevent security breaches and advise on emerging technologies and their potential impact on security posture.
  • Demonstrate and utilise foundational knowledge of project management frameworks such as: Lean Six Sigma, PRINCE2 and Cyber Essentials and Cyber Essentials Plus frameworks.

You will ideally have


  • Candidates will ideally have a proven background working in an EMEA-wide organisation or larger enterprises with complex operations across an IT landscape / environment.
  • You will ideally be educated to bachelor's degree level (or equivalent), ideally in a relevant field such as: Cyber Security, Information Technology, Computer Science or Information Systems.
  • Candidates will have ISO 27001 Lead Implementer or ISO 27001 Lead Auditor, with further qualifications across CISM, CISA, CRISC, CCAK, ISO 27701, Data Protection Practitioner, ISO 22301 Lead Implementer, ISO 27005 Risk Manager a distinct advantage.
  • Ideally, successful candidates will have exceptional interpersonal and communication skills, which are indispensable in this role. The Information Security Manager must interact with a wide spectrum of individuals, ranging from technical engineers and legal advisors to C-level executives and end-users.
  • Preferably, candidates will have the ability to tailor communication, presenting detailed technical risk in a non-technical, business-relevant format, which is essential.
  • Successful candidates will have assertiveness balanced with diplomacy, especially when challenging decisions, enforcing compliance, or navigating resistance to change. Trust-building is a critical success factor, as the Information Security Manager often has to advise, influence, and lead without formal authority.
  • Conflict resolution, negotiation, and consensus-building are recurring themes in the role, as are empathy and cultural awareness, especially when operating across the diverse cultural landscape of Ricoh's European operations.
  • Active listening, a collaborative mindset, and the ability to motivate others to engage with security initiatives underpin the role's success in promoting a security-first culture.
  • Successful candidates must also demonstrate ethical behaviour, confidentiality and integrity, and take due professional care in all interactions relating to Auditing as per the principles of ISO 19011.



In return for your commitment, you can expect


  • A competitive salary package
  • Industry leading benefits


Ricoh is an exceptional place to work. A place where there is strong emphasis on career development for the right individuals. This is a role where you can excel within a fast-paced environment and succeed within a thriving organisation.




This is an excellent opportunity to join a global company where you can truly capitalise and build on your own experience.



Ready to make that change? Apply now for a confidential conversation with our Recruitment Team.

We are an equal opportunities employer


At Ricoh, we embrace and respect the collective and unique talents, experience, and perspectives of all people. Together we inspire remarkable innovation. That's how we live the Ricoh Way.



Ricoh have removed the disclosure of convictions box from their application process (ban the box - http://www.bitc.org.uk/programmes/ban-box) offering equal opportunities to all.




For all roles, we will judge each individual on their skills and ability before taking into account their history. However, some roles are subject to sensitive and restrictive information and, if successful, you may be required to undertake pre-employment vetting checks which include but are not limited to residency check, credit reference check, financial sanctions check and a DBS Check. Further information on Employment Vetting can be accessed by contacting the Ricoh Recruitment Team.


Function: IT

Location: London

Contract type: Permanent

Closing date: 27-Oct-2025


Job Detail

  • Job Id
    JD3864106
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    London, ENG, GB, United Kingdom
  • Education
    Not mentioned