Security Compliance Manager - Cyber Security - Remote
No day is ever the same as a Security Compliance Manager as every client is different. In a nutshell: you will be accountable for the end-to-end management of compliance, acting as a single point of contact for all compliance matters on client accounts.
Role accountabilities:
- Current NPPV3/SC clearance or the ability to be cleared to that level
- Planning & co-ordinating internal audits and remediation of non-conformities.
- Planning & co-ordinating audits on Delivery Partners and Third-Party Suppliers.
- Assuring the remediation of non-conformities by Delivery Partners and Third-Party Suppliers.
- Facilitation of audits conducted by external auditors and the remediation of resultant non-conformities.
- Undertaking and managing Risk Assessments on an enduring basis.
- Managing Information Security Risks, including reporting to the client's account management team.
- Establishing the context under which Security Risk Management is performed.
- Risk identification using all available sources of information.
- Analysis of Risks to identify consequences and likelihood.
- Risk evaluation and prioritisation.
- Ensuring that appropriate Risk treatments are selected, implemented and monitored.
- You will have the opportunity to interact with a truly global team of security experts, from Architects to Engineers, from Security Managers to Developers, but that outreach doesn't just stop at security; we actively encourage our staff to engage with other areas of the business and local communities.
To be considered for this position:
- A good knowledge of Cyber Security and Information Assurance - an ability to demonstrate understanding of governance, compliance and risk from different perspectives i.e. across people, processes and technology
- Strong communication skills - an ability to communicate with a variety of people is essential. We are looking for individuals who can interpret complex technical information and translate it effectively for different audiences
- Someone who is an advocate for security good practice, with the ability to influence others
- An ability to identify and drive improvements
- Hold, or be working towards, ISO 27001 Lead Auditor
- A working knowledge of ISO27001 is required; knowledge of ISO33052, ISO33072 and METSec is desirable
- Current NPPV3/SC clearance or the ability to be cleared to that level
- Experience in the public sector preferred but not required