A leading IT Infrastructure & Services Consultancy seeks a Cyber Risk Manager for a 3 month contract initially, based in Hatfield, Outside IR35
The Cyber Risk Manager will be responsible for the operation of the risk management process. The role will be responsible for identifying, analysing and evaluating risk as part of the risk assessment process, recording, monitoring and reviewing risks and working with risk owners to manage the action plans associated with identified risks.
The Risk Manager will
Be a subject matter expert in the delivery of risk management;
Be responsible for the operation of the end to end group Cyber Risk Management processes and identify continuous improvement for the process;
Schedule risk assessments across systems, locations to validate the implementation of controls
Coordinate risk management activities across the group to ensure cooperation with all associated delivery teams;
Proactively measure the effectiveness of risk management through regular management information, delivered to the Group Head of Cyber Risk
Provide regular and accurate reporting metrics to senior management and organisational stakeholders;
Support CSG by ensuring risk management requirements are delivered for information systems and locations;
Degree or relevant experience in risk management;
Minimum of 5 years demonstrable experience in Information and Cyber Security; including risk management and security framework management;
Significant experience in risk management methodologies and delivery;
Experience in IT security including vulnerabilities, compliance;
Practical experience in IT operations including asset management;
A genuine interest and desire to develop and maintain team members;
Strong IT and network skills – knowledge of common enterprise technologies – Windows, Linux, Cloud platforms etc and a desire to deliver success with new and evolving technologies.
Understanding of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR;
Recognised information security and/or information technology industry certification (CISSP, CISA, CISM, CRISC or equivalent);
Experience with ISO31000 enterprise risk management.
To apply for this job please visit www.cybersecurityjobsite.com.