This role plays a key part in supporting the Information Security Risk program, ensuring it is effectively implemented to protect the organisation, its customers, and stakeholders. You will report to the Head of Information Security GRC. This is a hybrid role with 2 days working on-site in Chester.
Client Details
My client is a global software development business that is keen to offer both career and professional development to its employees.
Description
Contribute to the execution of the information security strategy, including advanced global projects.
Increase awareness of risk identification and management within the organisation.
Oversee and update the information security risk register to ensure compliance with policy.
Generate, manage, and analyse risk management data.
Collaborate with business leaders to manage risks in accordance with policy.
Develop and deliver risk education and awareness training across the organisation.
Conduct risk assessments for new projects.
Manage supplier risk activities, including contract reviews.
Establish and maintain the Operational Resilience and Redundancy program.
Plan and coordinate annual resilience testing, supporting business functions to meet expectations.
Lead and conduct annual business impact analyses.
Respond to customer and supplier requests for information security risk information.
Profile
Demonstrated experience in IT GRC, ideally focusing on information security risk management.
Excellent stakeholder management skills.
Experience in third-party risk management.
Familiar with security best practices: ISO 27001, NIST, Cyber Essentials Plus, PCI DSS.
Experience in Business Continuity is preferred.
CRISC / CISM / CISMP certification is preferred.
Job Offer
Excellent career prospects and support for professional development
Hybrid working
Private Medical and Life Assurance