Senior Compliance Manager


Premium Job From Experis IT

Recruiter

Experis IT

Listed on

30th September 2019

Location

London

Salary/Rate

£53000 - £64000

Type

Permanent

This job has now expired. Please search on the home page to find live IT jobs.

Senior Compliance Manager - London

Our client is a dynamic industry leader, specialising in cutting edge technology & industrial security controls seeking proactive, security minded individuals to join & develop within their business.

Purpose

To assess, audit & scrutinise the cyber systems resilience of major industrial operators against existing regulatory frameworks and, where necessary, make suggestions for change & further measures.

Responsibilities

- Accompany the auditors during inspections and record findings
- Randomly conduct audit inspection of operators or on new audit request
- Demystify subjectivity between the auditors
- Manage the auditor pool in assigning, scheduling and prioritising audits providing clear plans/instructions to meet timely inspections.
- Maintain a record of all audit inspections, managing the inspection reports, providing analysis and outcomes.
- Provide scrutiny of audit reports; assessment reports, improvement plans and incident reports.
- Support the drafting or review of the framework, policies, procedures, risk assessments where necessary for the client to operate as Competent Authority.
- Engage with government bodies and attend forum and events to understand threat landscape for sector.
- Escalate non-compliance and offer advice to support a balanced penalty process.
- Collate and formulate sector wide risk view.
- Record outputs and decisions from audits and meetings, including, any incidents, which may form part of an enforcements process.
- Provide compliance on Smart Metering programme, including but not limited to, monitoring supplier compliance, monitoring the governance board; monitoring and contributing to any proposals for modifications/changes; develop briefing for governance board and sharing intelligence with OGD stakeholders.

Skills / Experience

Essential:

- 3 years' minimum experience in security auditing/inspection.
- Educated to Degree level or equivalent in a cyber, engineering or technology-based discipline or equivalent.
- Hold one or more professional qualifications in ISO27001:2013 Lead Auditor, CISA or equivalent.
- Must demonstrate that you have recent and relevant skills and experience in all the following areas:
  - Conducting audit inspections of environment for critical national systems, IT, IS, OT or national headline services;
  - Performing security risk assessments;
  - Written and reviewed audit reports and Risk Treatment Plans (RTP)
  - Ability to conduct security risks and audit analysis of associated critical systems, OT, Control Systems or headlines services; and
  - Implementing processes for dealing with and managing security incidents
- Knowledge of ISO27001:2013 or IEC62443 series in critical infrastructure and challenges faced with introducing security controls
- An effective and engaging communicator, with experience working effectively with key external stakeholders
- Either holds or ability to achieve SC clearance

Desirable:

- Certified to ISO27001 Implementer, GICSP, CRISC or equivalent
- Experience of auditing in an ICS/OT environment
- Knowledge of IEC62351 and/or NIST framework
- Knowledge and/or exposure to SEC and SMETS1/SMETS2
- Coordinating incident response internally and externally
