Information Risk Manager

London - Onsite
This project has been archived and is not accepting more applications.

Description

Information Risk Manager required for market-leading consultancy. The primary purpose of the role is to lead the 2nd line assurance team in order to achieve and maintain technology certifications, identify and manage technology risks and administer the internal assurance frameworks.

Responsibilities

  • Ability to supervise or lead information assurance related assessments independently such as ISO27001, Cyber Essentials or other external/internal certification standards.
  • Able to work collaboratively with teams from other disciplines through Committees and informally within the global organisation and with the suppliers and clients.
  • Lead the team in a continuous improvement regime, through a Technology Assurance and Technology Control Framework(s) and other standards.
  • Ability to propose and set policy standards for the organisation, and to audit against these standards and provide C-level reports.
  • Able to manage concurrent complex activities to short timescales.
  • Able to work under pressure to deliver good quality assessment reports.
  • Perform on-site and/or remote security assessment of systems and processes across business units that transmit, process or store sensitive data.
  • Work with existing and/or certify new projects or products to conform to the information security measures in place.
  • Own the Back Office functions and activities including assurance scheduling, reporting and remediation management.
  • Act as the go-to resource for assurance whilst working as part of a global team to provide supplier data security advice and guidance.
  • Be prepared to occasionally travel for assessments (includes UK & international) - less than 10%.

Requirements

  • Experience in conducting information security assessments, deep-dive multi-day assessments or audits.
  • Ability to produce high-quality audit or assessment reports.
  • Good knowledge of all domains within security, e.g. cloud, security management, service management, BCM, physical, GDPR/data protection.
  • Good communication, influencing and negotiation skills.
  • Experience in a similar role for a complex global organisation (consultancy, insurance or financial services sector preferred but not essential).
  • Ability to explain complex technical concepts to non-technical stakeholders and suppliers.
  • A recognised security certification such as ISO/IEC 27001 Lead Auditor, CISA, CISM, or equivalent experience.
  • Academic qualification (e.g. degree), or equivalent experience.

As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC and have expert knowledge of information risk. You will also have a proven track record of delivery in a similar role.

Start date: Immediate Requirement
Duration: 6 months
From: Barclay Simpson Recruitment
Published at: 21.10.2021
Project ID: 2233407
Contract type: Freelance