Head of Cybersecurity Governance Risk and Compliance
New Yesterday
Mainly remote based working in the UK with travel to Oxford, Cowley (OX4 2GQ) occasionally
£70,000 per annum, plus car / car allowance, 33 days holiday, pension, life assurance, employee assistance programme, wellbeing support, and flexible benefits scheme
About the Job
As our Head of Cybersecurity Governance Risk and Compliance you'll work closely with business and technology teams, helping to articulate and communicate the InfoSec governance program, identify risks and evaluate and help implement controls and improvements.
As part of your key responsibilities you'll:
- Manage the day to day of the function and team
- Support the management of Information Security governance for the organisation, ensuring adherence to Group policies and standards
- Ensure key Information Security risks and issues are identified, addressed and resolved in a timely manner
- Work closely with the Director of Information Security to ensure Group security strategy is appropriately implemented, and divisional requirements are understood and supported
- Assist in management of the Group's Information Security Management System including maintenance of the ISO 27001 certification
- Engage with the IT Security Operations team and assist the Director of Information Security in providing oversight and challenge to that function
- Participate in periodic security related testing activities (e.g. Crisis planning events, DR exercises)
- Prioritise and manage response activities
- Drive the audit and client management aspects of the Information Security team, including client due diligence questionnaires, and help design more effective procedures in this space
- Improve and support relevant security metrics; analyse data, identify trends and drive improvements to the control environment
- Assist in general Information Security related issues as required, including potential interaction with the Security Operations team, Technology teams and business stakeholders
- Working with the Security Architect ensure alignment of bid requirements with existing InfoSec standards and liaise with relevant teams for resolution where non-standard requirements are identified
About You
We'd love you to have the following skills and experience, but please apply if you think you'd be able to perform well in this role!
- Excellent written and verbal communication skills
- Previous experience within a GRC function, IT Security/Cyber team, Internal Audit or an IT environment
- Hands on practical experience of ensuring full compliance with legal & regulatory frameworks including ISO 27001
- Risk management
- Strong leadership and communication skills, with the ability to motivate and manage a team
Our recruitment and selection process has been developed to ensure that it is consistent, fair and provides equality of opportunity - all selection decisions are based solely on technical and behavioural competencies. We do not discriminate on the grounds of race, colour, or nationality, ethnic or national origins, sex, gender reassignment, sexual orientation, marital or civil partnership status, pregnancy or maternity, disability, religion or belief, age or any other current or future protected characteristic as defined in the current Equality Act of England and Wales. As an organisation we also promote an environment which encourages diversity of characteristics and thought, where you feel included, safe and confident to be the best version of yourself and do your best work every day. #J-18808-Ljbffr
- Location:
- England, United Kingdom
- Salary:
- £100,000 - £125,000
- Category:
- Consulting