Information Security Governance, Risk and Compliance Lead
Opportunity description
This vacancy has now expired.
Stanton House have partnered with a global nuclear fuel company who are searching for an Information Security GRC Lead to report into the Group CISO and oversee the Cyber Security Programme the business is running at present.
This role will be a good fit for someone who has a strong PMO background and is able to manage multiple Information Security Governance Risk and Compliance projects and plan programmes.
The role is a full-time permanent role, based in the South of the UK, and has 1 direct report. As the programme progresses, this person will manage small project teams too.
The team:
Governance, Risk and Compliance: This team will oversee the cyber security programme, tracking risk reduction and developing metrics and reporting. Culture change sits within this group, with responsibility for raising awareness of the risk and setting clear personal accountabilities for the workforce. This team will support the business areas to identify which information is critical and sensitive to the business and implement additional controls to protect it.
* The Information Security Governance, Risk and Compliance Lead is a role with a variety of responsibilities which will suit an all-round security professional. This is a great opportunity for someone with CISO aspirations to join this business and experience their transformational journey.
* This role will give the opportunity for the right candidate to get broad experience of many aspects of information security in one role.
* Successful candidates will be required to achieve and maintain DV or SC clearance.
Role responsibilities:
* Responsible for the information security programme - ensure that it delivers the strategy to time, cost and quality
* Responsible for managing and forecasting the departmental budgeting cycle and ensuring that all activities are delivered on budget
* Responsible for establishing the governance framework for information security within the company building on the existing governance groups
* Accountable for improving the information security culture across the group and increasing the personal accountability for information security taken by everyone accessing their systems.
* Working with the wider team, co-ordinate risk management activities (risk register, overall risk reduction, etc.) as input to the strategy
* Develop regular reporting of metrics and key risk indicators both internally within the group and to key stakeholders
* Accountable for Information Governance - support the business areas to identify which information is critical and sensitive to the business and implement additional controls to protect it. This includes formal classification of information as defined by each of the governments.
Specific knowhow and technical skills:
* Generalist understanding of information security management systems such as ISO 27001 or NIST
* Strong project management skills
* The ability to discuss and explain information security concepts in business language and vice versa
For more information on this role, please apply through this advert to speak with Rich Williamson.