I am supporting a local private sector organisation to recruit for a Risk, Security and Compliance Lead on a permanent basis. This role is crucial for ensuring IT operations align with regulatory standards and organisational goals. Key areas will include strategic planning, incident response and integrating compliance frameworks (eg GDPR, ISO 27001) to protect critical systems.
Your new role
You will be responsible for developing risk management processes, crisis plans and vendor oversight, whilst collaborating with stakeholders to implement security measures and enhance compliance. You will also maintain Incident Response Plans, coordinate rapid incident resolution (eg cybersecurity breaches, data loss) and establish a Vendor Risk Management program to assess third-party compliance. Furthermore, you will be responsible for overseeing security measures, incident responses and network security enhancements, including Fortinet solutions.
What you'll need to succeed
* Certifications: CRISC, CISA, CISM, CISSP, ISO 27001 Lead Auditor, ISO Risk Manager or equivalent
* Strong knowledge of regulatory requirements (eg GDPR, ISO 27001, Data Protection Act 2018), including Data Protection Impact Assessments (DPIAs) and familiarity with frameworks such as Cyber Essentials or ISO 27005.
* Proficiency with MS 365, Intune, VMware and Fortinet technologies
What you'll get in return
-...