Security Governance and Compliance - Senior Manager
Role: Security Compliance and Governance - Senior Manager
Location: Berkshire, East Midlands, West Midlands, Manchester (full flexible working)
Stanton House are recruiting for a Security Governance and Compliance - Senior Manager to join a leading UK telecommunications business, which boasts a £5bn turnover and a very strong customer brand.
This role sits in their Group Technology function and will report through to their Group Security and Compliance Director. The Security Governance and Compliance - Senior Manager will manage a team of Compliance and Governance Managers and Advisers.
- You will be accountable and responsible for providing compliance & governance guidance and advice for all areas of the business, excluding Finance
- This role will include taking key decisions in compliance standard control mitigation, developing evidence scope with the business unit Director, and representing all departments at director level to ensure business units are ready for certification audits.
- Carry out regular operational reviews of the business units in the division to ensure certification is maintained.
- Work with business units to raise appropriate risks and ensure these are captured in the central register.
- The ideal person will have strong knowledge of the governance / compliance standards, which include ISO27001, CAS(T), PCI, etc.
- Strong stakeholder management experience and the ability to thrive in a complex matrix-managed organisation
- Identify and manage the actions required to ensure compliance to the required governance standards for each Business Unit
- This person will operate the ISMS (information security management system) framework
- Develops, implements, and monitors security policies and security controls in accordance with recognised best practice and in line with ISO27001
- Provides subject matter expertise to the division and support projects across the division to ensure information security is embedded appropriately
- Operates the information security management system framework
- Responds to security incidents and breaches, conducts investigations, reports results and recommends mitigation strategies
- Create a consistent approach to documentation, documentation repositories, evidence capture and compliance action management
- Responsible for all new Operational process formatting and development.
- Responsible for maintaining any compliance mitigation plans
Preferred education / qualifications / experience:
- Certification to Lead / Implementer level for (ISO27001:2013, CAS-T, PCI or equivalent)
- Internal compliance manager experience of at least 4 years