Senior Cyber Security Specialist, Preston
Client: Westinghouse Electric Company LLC.
Location: Preston, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Reference: cfb34c98cb80
Job Views: 9
Posted: 26.04.2025
Expiry Date: 10.06.2025
Job Description:
Reporting to the Deputy CISO, the Manager of UK IT Governance and Risk Management is responsible for designing and executing the IT Governance, IT Risk Management, Security Awareness, and Business Continuity/Disaster Recovery programs in the United Kingdom. The role requires maintaining necessary certifications for UK operations and engaging directly with business representatives at operational locations.
Note: This is a hybrid role; candidates must be local to the Springfields UK site to report three days a week.
Your day-to-day responsibilities include:
* Establishing and maintaining the management framework for all IT Governance activities in the UK.
* Maintaining certifications as required by UK governmental and regulatory authorities.
* Managing risk assessment processes across UK operations and coordinating with enterprise risk management.
* Supporting IT risk assessments for projects and vendors, ensuring compliance with company policies.
* Aligning activities with legal, compliance, contractual, and regulatory requirements.
* Creating and maintaining Business Continuity and Disaster Recovery Plans for IT services in the UK.
* Recruiting, training, mentoring, and developing staff as needed.
* Developing risk decision matrices aligned with business objectives.
* Developing on-demand reporting and dashboards.
* Acting as the primary contact for internal and external IT audits and assessments.
* Maintaining compliance metrics and supporting evidence, based on industry standards such as Cyber Essentials, ISO 27001, NIST 800 series, and NERC-CIP.
* Developing and maintaining a Security Awareness Program to reduce security risks.
Qualifications and experience needed:
* Bachelor's degree in IT or a related field; Master's preferred.
* 7+ years of experience in information security, governance, risk, compliance, or IT audit.
* Professional certifications such as CISA, CISM, CGEIT, CRISC, or CISSP are preferred.
Skills and competencies:
* Knowledge of security frameworks such as Cyber Essentials, NIST CSF, ISO 27000, and ITIL.
* Excellent communication skills for technical and non-technical audiences.
* Deep understanding of cybersecurity threats, controls, and remediation strategies.
* Awareness of current technological trends in information security.
* Knowledge of global security regulations and best practices.
* Ability to work under pressure and influence others effectively.
* Strong interpersonal skills and ability to manage multiple issues.