IT Governance Risk and Compliance Manager

• £75,000
• £80,000 (neg.) plus 10% bonus Location: Glasgow Working Arrangement: Hybrid
• 2 days on site Your new company: Im currently looking for an Information Security Manager to work for one of Hays long-term clients based in Glasgow.

This role is a GRC-led leadership position and the ideal candidate will have operated at a senior level maintaining information security accreditations such as ISO27001 and Cyber Essentials +, acting as an IT Risk SME, and working closely with senior leadership on the security assurance of a business.

• e.g. impact assessments, data security awareness training, data protection Tweaking and maintaining the ISMS in line with your knowledge of industry best practice Using your knowledge of technical IT controls to ensure that projects, transformations, current policies and systems are fit for purpose and aligned with organisational risk appetite Leading a small team of security analysts spanning risk and governance Leading the risk and governance function as a GRC SME and supporting with risk assessments of transformations, regulations, and policies Overseeing supplier assurance processes from a security perspective Assisting in the creation of governance policies and processes Creating reports for governance groups Maintaining a contemporary knowledge of current threats and cyber trends, using this to guide the strategic direction of the technology governance model, and to ensure operational risks are managed appropriately Collaborating with stakeholders within audit, operational risk and the three lines of defence Providing strategic advice and input on the organisations cyber security strategy What youll need to succeed: An SME within Information Security Risk Management Experience maintaining ISO27001 and Cyber Essentials Experience developing and maintaining an ISMS Excellent communication and stakeholder engagement skills Experience leading a cyber security awareness campaign and assisting with surrounding educational measures A business solution focused mindset Relevant industry certifications Experience leading and supporting with risk management and risk assessments The ability to maintaining and foster sound security principles across the organisation whilst keeping a business solution mindset, to not inhibit business functions, projects and transformations Experience defining governance models Team management experience Strong IT risk management experience and comprehension of best practice controls and security risk frameworks
• NIST, COBIT.

By applying for this job you accept the T&Cs, Privacy Policy and Disclaimers which can be found at hays.co.uk