IT Governance Risk and Compliance Manager
Hays Specialist Recruitment Limited Glasgow Permanent
Salary: £75,000 - £80,000 (neg.) plus 10% bonus
Location: Glasgow
Working Arrangement: Hybrid - 2 days on site

Your new company: I'm currently looking for an Information Security Manager to work for one of Hays' long-term clients based in Glasgow.
This role is a GRC-led leadership position and the ideal candidate will have operated at a senior level maintaining information security accreditations such as ISO27001 and Cyber Essentials +, acting as an IT Risk SME, and working closely with senior leadership on the security assurance of a business.

This role involves:
- Leading on business-wide GRC and information security assurance initiatives
- Contributing to a future-focused security model considering IT risk, data security, incident response plans, alongside disaster recovery and business continuity
- Leading in the maintenance of ISO27001 and CE+ compliance and certification where appropriate
- Completing IT Risk assessments, adding to and maintaining the risk register
- Overseeing the cyber security incident response process and taking a leading role in assessing corrective actions
- Acting quickly and decisively on information security incidents in line with your knowledge of industry best practice
- Working with various business leaders on regular security awareness activities, effectively communicating details of emerging security threats and risks and acting as an Information Security Risk Management SME
- Engaging with business continuity with senior IT leaders
- Taking an active involvement in annual information security reviews, communicating to senior stakeholders about contemporary risks to be considered and initiatives to combat them
- Advising on all areas of data security, e.g. impact assessments, data security awareness training, data protection
- Tweaking and maintaining the ISMS in line with your knowledge of industry best practice
- Using your knowledge of technical IT controls to ensure that projects, transformations, current policies and systems are fit for purpose and aligned with organisational risk appetite
- Leading a small team of security analysts spanning risk and governance
- Leading the risk and governance function as a GRC SME and supporting with risk assessments of transformations, regulations, and policies
- Overseeing supplier assurance processes from a security perspective
- Assisting in the creation of governance policies and processes
- Creating reports for governance groups
- Maintaining a contemporary knowledge of current threats and cyber trends, using this to guide the strategic direction of the technology governance model, and to ensure operational risks are managed appropriately
- Collaborating with stakeholders within audit, operational risk and the three lines of defence
- Providing strategic advice and input on the organisation's cyber security strategy

What you'll need to succeed:
- An SME within Information Security Risk Management
- Experience maintaining ISO27001 and Cyber Essentials
- Experience developing and maintaining an ISMS
- Excellent communication and stakeholder engagement skills
- Experience leading a cyber security awareness campaign and assisting with surrounding educational measures
- A business solution focused mindset
- Relevant industry certifications
- Experience leading and supporting with risk management and risk assessments
- The ability to maintain and foster sound security principles across the organisation whilst keeping a business solution mindset, to not inhibit business functions, projects and transformations
- Experience defining governance models
- Team management experience
- Strong IT risk management experience and comprehension of best practice controls and security risk frameworks - NIST, COBIT.

By applying for this job you accept the T&Cs, Privacy Policy and Disclaimers which can be found at hays.co.uk