Information Security Risk and Governance Manager
Salary:
Opportunity type:
- Permanent
Location:
Specialism:
- Cyber Security
Date posted:
Opportunity reference:
Opportunity description
This vacancy has now expired.
Stanton House have partnered with a global, market-leading Digital Marketing and Advertising Agency, who are in the process of further growing their Governance, Risk and Compliance team and are recruiting a Security Governance & Risk Manager, who will be based out of their London or Manchester office.
This is a £5bn turnover company, who have over 50,000 employees, operate in over 150 countries worldwide, and boast a diverse and exciting portfolio of clients. This business crafts powerful strategic ideas that ground brands in platforms, to create impact & sustain connections.
The Security team are responsible for the scope and delivery of both cyber security and business continuity activities that cover every one of their offices located across 150 countries globally. Led by the Director of GRC, our Governance, Risk and Compliance team are responsible for an extensive programme covering Security Governance & Risk, Security Assurance, Employee Training & Awareness, Third Party Security Assurance, Information Security Management Systems (ISO 27001) and Business Continuity Management.
Joining our expanding and ambitious Governance, Risk and Compliance team, you will be reporting directly to the Head of Security GRC in an increasingly autonomous role, overseeing our evolving Security Governance & Risk function.
- Development of the global security governance strategy and framework
- Lead the implementation, certification process and ongoing management (through continual improvement) of DAN's Global ISO 27001 ISMS
- Define, communicate and maintain a set of security policies, standards and guidelines
- Operate a security risk management function that ensures security risks are identified, assessed, articulated and acted upon in a proportionate manner - aligned to their ERM framework
- Manage the mergers and acquisitions governance framework for the global and regional security teams
- Innovate and lead change across the Security Governance & Risk function, ensuring that both existing and future capabilities mature in line with commercial and industry standards
- Manage key stakeholder relationships across global support functions and brands, promoting wider engagement with the Security function
- Lead the Security Governance & Risk team, taking responsibility for the professional development of direct reports
- Deputise for Information Security service owners where required
Candidate Profile
- Preferred Security qualifications: CISSP, CISM, CISA, CRISC
- In-depth technology and cyber security knowledge, with a strong background in technology risk management
- Thorough understanding of information security regulatory compliance
- Has led the implementation and/or managed the continual improvement of an ISO 27001-aligned information security management system
- Demonstrable experience of security assessment methodologies and frameworks (ISO 27001, NIST, SOC2, PCI)
- Experience of working with a high degree of autonomy, managing own and others' workload, and delivering to tight timescales
- Proven ability to work in a collaborative environment
- Excellent stakeholder engagement and ability to drive change in a matrixed organisation
- Experienced in using enterprise risk management and assurance tooling
Please apply to this advert to be connected to a Cyber Security specialist head hunter.