IT Risk Compliance Manager - SC cleared

  • Salary: Negotiable
  • Job type: Contract
  • Location: Farnborough, Hampshire
  • Sector: Risk & Compliance
  • Date posted: 05/10/2017
  • Job reference: J375282A

Farnborough

3 month initial contract

Aiming £350.00 p/d - open to negotiation

The IT Risk & Compliance Manager is responsible for defining, implementing, supervising and improving the processes and procedures for the IT department's Assurance frameworks.

The position will support the Cyber Defence Practice (CDP) requirements to comply with government DAIS accreditation and industry standards including ISO 9001, ISO 20001, ISO27001 and 27002, SANS20, NIST800 and TickITplus.

This role will lead the IT effort to identify risks to the safe and secure operation of the global IT estate and be accountable for their resolution and mitigation.

Experience and knowledge

  • Initiates and tracks the development of all processes and procedures, and is responsible for their compliance with the appropriate standards.
  • Supports teams in implementing agreed processes and in educating and training IT staff on them.
  • Ensures all Information Security Management responsibilities are appropriately assigned and correctly executed.
  • Coordinates day-to-day process execution, providing guidance to team leads and members where and when appropriate.
  • Defines and operates assurance programmes which monitor compliance against policies and standards, and drives closure of gaps.
  • Establishes process measurements, provides monthly reporting, and is accountable for IT group process results, and their impact on functional activities.
  • Chairs IT Strategy, Compliance & Accreditation and ISMS meetings.
  • Where necessary provides advice and guidance into new opportunities for other business units, where IT has a role in delivery of services to external customers, ensuring that customer Service Level requirements are addressed appropriately.
  • Works effectively and efficiently with minimal oversight, advises and provides guidance to other teams and team leads.
  • Has a solid grounding in IT capability, process and ITIL best practice.
  • Is able to recognise problems related to process and apply suitable corrective measures.
  • Independently generates solutions, based on analytical skills and business knowledge.
  • Challenges the validity of given procedures and processes, and provides enhancements, improvements or complementary solutions as appropriate.

Skills and Competencies

  • Understanding of IT departmental mission, vision, and of IT operations, ideally gained through 5 or more years of IT/IS function management.
  • Minimum of 2 years of process development and management experience.
  • Knowledge and understanding of ISMS and SMS certification processes (ideally, experience of the process of certification to both ISO27001 and ISO20000).
  • Knowledge of ITIL best practice (at a minimum this should include an ITIL foundation qualification, but ideally a Service Operations Lifecycle qualification as well).
  • ISO 27001 Lead Auditor
  • TickITplus practitioner