Senior Compliance Manager

Premium Job From Experis IT
Recruiter: Experis IT
Listed on: 20th September 2019
Location: London
Salary/Rate: £53000 - £64000
Type: Permanent

This job has now expired. Please search on the home page to find live IT jobs.

Senior Compliance Manager - London

Purpose

The role will be working in the CA function reporting to the Head of CA Assurance. The key purpose of this role is to monitor, support, report and instruct against the regulatory framework to ensure operational systems and networks, owned and/or managed by Operators of Essential Services, in the energy sector in Great Britain, remain resilient against cyber and related security threats.

Responsibilities

- Accompany the auditors during inspections and record findings
- Randomly conduct audit inspection of operators or on new audit request
- Demystify subjectivity between the auditors
- Manage the auditor pool in assigning, scheduling and prioritising audits providing clear plans/instructions to meet timely inspections.
- Maintain a record of all audit inspections, managing the inspection reports, providing analysis and outcomes.
- Provide scrutiny of audit reports; assessment reports, improvement plans and incident reports.
- Support the drafting or review of the framework, policies, procedures, risk assessments where necessary for Ofgem to operate as Competent Authority.
- Engage with government bodies and attend forum and events to understand threat landscape for sector.
- Escalate non-compliance and offer advice to support a balanced penalty process.
- Collate and formulate sector wide risk view.
- Record outputs and decisions from audits and meetings, including, any incidents, which may form part of an enforcements process.
- Provide compliance on Smart Metering programme, including but not limited to, monitoring supplier compliance, monitoring the governance board; monitoring and contributing to any proposals for modifications/changes; develop briefing for governance board and sharing intelligence with OGD stakeholders.

Skills / Experience

Essential:

- 3 years' minimum experience in security auditing/inspection.
- Educated to Degree level or equivalent in a cyber, engineering or technology-based discipline or equivalent.
- Hold one or more professional qualifications in ISO27001:2013 Lead Auditor, CISA or equivalent.
- Must demonstrate that you have recent and relevant skills and experience in all the following areas:
  - Conducting audit inspections of environment for critical national systems, IT, IS, OT or national headline services;
  - Performing security risk assessments;
  - Written and reviewed audit reports and Risk Treatment Plans (RTP)
  - Ability to conduct security risks and audit analysis of associated critical systems, OT, Control Systems or headlines services; and
  - Implementing processes for dealing with and managing security incidents
- Knowledge of ISO27001:2013 or IEC62443 series in critical infrastructure and challenges faced with introducing security controls
- An effective and engaging communicator, with experience working effectively with key external stakeholders
- Either holds or ability to achieve SC clearance

Desirable:

- Certified to ISO27001 Implementer, GICSP, CRISC or equivalent
- Experience of auditing in an ICS/OT environment
- Knowledge of IEC62351 and/or NIST framework
- Knowledge and/or exposure to SEC and SMETS1/SMETS2
- Coordinating incident response internally and externally