Description
Security Risk manager, Contract, £750 per day Inside IR35.
A global financial services client of Spencer Rose are looking for an Information security control and risk specialist to join them on a 6 month initial contract. The focus of this role is to evolve the security posture across the enterprise. Finding a balance between risks, order, control, innovation, and high quality performance to maximise delivery, ensure effective protection and mitigation of security risks.
Essential Function
- Implements application and technology infrastructure risk assessment policy and procedures for assessing information security risks.
- Implements application and technology infrastructure risk assessment policy and procedures for assessing information security risks.
- Maintains risk classification information and monitors for changes to the environment that may require calibration of risk classification for information assets.
- Implements controls assessment policy and procedures for assessing information security controls.
- Monitors external assurance controls to identify early indicator of control exceptions.
- Coordinates, tracks, and reports on deficiencies identified by third parties performing risk assessments and test of controls.
Knowledge Required
- Advanced knowledge of business processes for contracted and service schedules for outsourced security services
- Knowledge of security methodologies, policies, standards and best practices
- Knowledgeable of best practices in information technology governance and regulatory landscape for financial institutions
- In-depth knowledge of security frameworks (eg, ISO 27000, NIST, FFIEC, etc)
- Advanced knowledge of information technology systems, infrastructure and operations
- Advanced working knowledge of information security systems and technologies
This role requires evidence of the following:
- Working within Security governance risk and control environment
- Working in the Financial Service Industry
Once you have applied I will be in touch within 24hours to discuss the role in more detail and give you an opportunity to present your relevant experience. If you do not hear from me please follow up on (see below) or call my direct dial.