£75K/yr to £80K/yr
Glasgow, Scotland
Permanent, Variable

IT Governance, Risk and Compliance Manager

Posted by Hays Specialist Recruitment Limited.

IT Governance, Risk and Compliance Manager

Permanent Salary: £75,000 - £80,000 (neg.) plus 10% bonus

Location: Glasgow

Working Arrangement: Hybrid - 2 days on site

Your new company:

I'm currently looking for an Information Security Manager to work for one of Hays' long-term clients based in Glasgow. This is a hybrid role with a requirement of working on-site 2 days per week, paying up to £80,000 per annum depending on your experience.

This role is a GRC-led leadership position and the ideal candidate will have operated at a senior level maintaining information security accreditations such as ISO27001 and Cyber Essentials +, acting as an IT Risk SME, and working closely with senior leadership on the security assurance of a business.

This role involves:

Leading on business-wide GRC and information security assurance initiatives

Contributing to a future-focused security model considering IT risk, data security, incident response plans, alongside disaster recovery and business continuity

Leading in the maintenance of ISO27001 and CE+ compliance and certification where appropriate

Completing IT Risk assessments, adding to and maintaining the risk register

Overseeing the cyber security incident response process and taking a leading role in assessing corrective actions

Acting quickly and decisively on information security incidents in line with your knowledge of industry best practice

Working with various business leaders on regular security awareness activities, effectively communicating details of emerging security threats and risks and acting as an Information Security Risk Management SME

Engaging with business continuity with senior IT leaders

Taking an active involvement in annual information security reviews, communicating to senior stakeholders about contemporary risks to be considered and initiatives to combat them

Advising on all areas of data security - e.g. impact assessments, data security awareness training, data protection

Tweaking and maintaining the ISMS in line with your knowledge of industry best practice

Using your knowledge of technical IT controls to ensure that projects, transformations, current policies and systems are fit for purpose and aligned with organisational risk appetite

Leading a small team of security analysts spanning risk and governance

Leading the risk and governance function as a GRC SME and supporting with risk assessments of transformations, regulations, and policies

Overseeing supplier assurance processes from a security perspective

Assisting in the creation of governance policies and processes

Creating reports for governance groups

Maintaining a contemporary knowledge of current threats and cyber trends, using this to guide the strategic direction of the technology governance model, and to ensure operational risks are managed appropriately

Collaborating with stakeholders within audit, operational risk and the three lines of defence

Providing strategic advice and input on the organisation's cyber security strategy

What you'll need to succeed:

An SME within Information Security Risk Management

Experience maintaining ISO27001 and Cyber Essentials

Experience developing and maintaining an ISMS

Excellent communication and stakeholder engagement skills

Experience leading a cyber security awareness campaign and assisting with surrounding educational measures

A business solution focused mindset

Relevant industry certifications

Experience leading and supporting with risk management and risk assessments

The ability to maintaining and foster sound security principles across the organisation whilst keeping a business solution mindset, to not inhibit business functions, projects and transformations

Experience defining governance models

Team management experience

Strong IT risk management experience and comprehension of best practice controls and security risk frameworks - NIST, COBIT.

What you'll get in return:

£75,000 to £80,000 per annum

10% Bonus

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

We use cookies to measure usage and analytics according to our privacy policy.