Back to search
This role will take the key part in supporting the Information Security Risk program, ensuring it's effectively implemented to protect the organisation, its customers, and stakeholders. You will report to the Head of Information Security GRC. This role is a hybrid role with 2 days working on-site in Chester
Client Details
My client is a global software development business, who is keen to offer both career and professional development to its employees.
Description
- Contribute to the execution of the information security strategy, including advanced global projects.
- Increase awareness of risk identification and management within the organisation.
- Oversee and update the information security risk register to ensure compliance with policy.
- Generate, manage, and analyse risk management data
- Collaborate with business leaders to manage risks in accordance with policy.
- Develop and deliver risk education and awareness training across the organisation.
- Conduct risk assessments for new projects.
- Manage supplier risk activities, including contract reviews.
- Establish and maintain the Operational Resilience and Redundancy program.
- Plan and coordinate annual resilience testing, supporting business functions to meet expectations.
- Lead and conduct annual business impact analyses.
- Respond to customer and supplier requests for information security risk information
Profile
- Demonstrated experience in IT GRC ideally focusing on information security risk management.
- Excellent stakeholders management skills
- Experience in 3rd party risk management
- Familiar with security best practices: ISO27001, NIST, Cyber Essentials plus, PCI DSS
- With experience in Business Continuity is preferred
- With certifications of CRISC / CISM / CISMP is preferred
Job Offer
- Excellent career prospect and support in professional development
- Hybrid working
- Private Medical and Life Assurance
