
IT Risk Manager, Staines, 2 Line of Assurance, Contract 6 months

Entry-level at Pontoon


  • Location: Staines, UK
  • Position level: Entry-level
  • Job period: Full-time employment
  • Posted on 13 Oct, 2018
  • Start date:
  • Visa Sponsor
  • Competitive
IT Risk Manager, Staines, 2 Line of Assurance, Contract 6 months
We are looking for an IT Risk Manager to join the second line assurance team, reporting into the Director IT Risk and Assurance. The IT Risk Manager is accountable for managing and overseeing the Risk framework for their area of responsibility, and provides support and required reporting to the Head of IT Risk and Functional Assurance by partnering closely with Enterprise Risk Management, other risk teams, stakeholders, Internal/External Audit, and other areas of the Information Security team.
The role:
* Overseeing IT/IS Risk management processes for the IT function
* Overseeing the Risk tool, and facilitating areas of IT/IS to enter risks in line with the Risk Standards and Group Risk Assessment Matrix
* Implementing and managing a risk framework
* Developing an IT/IS risk calendar, informing relevant parties and driving execution across all teams and stakeholders
* Designing and implementing logical risk enhancements
* Presenting IT subjects clearly to both technical and non-technical audiences.
* Reporting risk assessments dashboards
* Owning and overseeing risk/issue logs
* Facilitating risk review meetings
* Planning, coordinating and overseeing day to day delivery of IT/IS risk assessment and governance initiatives
* Identifying opportunities for IT/IS process improvement through simplification and standardization
* Ensuring that all risk activities are aligned to applicable policies and standards and best practices
* Participating in regular threat focus meetings with Threat Intelligence team
The person:
Naturally, you are an experienced professional in the field of Information risk management with experience in leadership or management positions.
This role is more risk focused, hence your experience in Risk Management, Risk Reporting to senior level, Security Management Systems (ISMS) type technologies, Risk Frameworks and Methodologies is critical for the role.
You also can demonstrate financial and business acumen and experience running a large operational team in complex regulatory environments, delivering a mix of regulatory and contractual requirements and strategies for compliance.
You would be educated to Bachelor's degree level (Master's preferred but not required), with at least five years of working in information technology and/or information security operations and relevant training associated with ISO27001, PCI, FCA, ISF, NIST. You are also able to demonstrate a solid understanding of the Information Security Forum (ISF) controls framework and the NIST Cybersecurity Framework.
In terms of certifications, you will ideally be certified in some of the following: Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM).
You are an effective communicator capable of collaborating and building credibility with others who serve as key stakeholders or subject matter experts; and your background also includes:
* Strong resource management, planning, and project management skills.
* Proficient understanding of GRC processes, tool implementation and usage
* Organizational awareness and a collaborative attitude in order to build successful relationships and lead teams that will be dispersed across geographies
* Ability to influence diverse stakeholders to address identified risks, with excellent stakeholder management skills
* Knowledge of applicable internal and/or external regulatory policies, standards, procedures and controls (e.g. International Organization for Standardization (ISO) 27000, National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT), Cyber Essentials, Centre for Protection of National Infrastructure (CPNI), OWASP Top 10, SANS Top 20 Critical Controls, Information Security Forum (ISF))
* Understanding of cyber risks associated with the roll-out of smart metering in the UK, the Smart Energy Code (SEC) and associated security aspects
* Understanding of power utilities, retail energy, and oil and gas industry trends
If you wish to apply for the above position, please call me on [Phone number removed] or email on martin.boulton @ pontoonsolutions.com
Please be advised that if you haven't heard from us within 24 hours, then unfortunately your application has not been successful on this occasion. We may, however, keep your details on file for any suitable future vacancies and contact you accordingly.
Pontoon is a global HR outsourcing company specializing in improving an organization's talent. We manage the contingent workforce and statement of work resources on behalf of our clients, as well as source and recruit direct hires. Pontoon's approach results in significant cost savings and revenue improvement, increased worker quality, workforce insight and greater regulatory compliance. A division of Adecco with operations in nearly 100 countries and with more than 1,500 colleagues worldwide, the Jacksonville, Florida-based organization delivers solutions to more than 150 industry-leading companies.
Discover thousands of graduate jobs on Advance.careers. We deliver you the entire UK job market.
