Takes responsibility for the delivery of IT security expertise for the organisation, providing authoritative advice and guidance on the application and operation of all types of security control, including legislative or regulatory requirements such as data protection/GDPR and software copyright law. Acts as the organisation’s data protection officer for the purposes of GDPR legislation.