IT Compliance, Audit and Risk Manager - ISO27001, GDPR, PCI-DSS


Premium Job From Michael Page

Recruiter

Michael Page

Listed on

12th November 2019

Location

Goole

Salary/Rate

£45000 - £50000

Type

Permanent

Start Date

ASAP

This job has now expired. Please search on the home page to find live IT jobs.

You will lead the company quality and compliance activities for the IT Managed Services Software Platforms to achieve quality and compliance best practice. You will also represent the company in IT quality and compliance activities and audits with customers and vendors.

Client Details

Business based in East Yorkshire in an exciting period of growth.

Description

Key responsibilities:

Plan and conduct internal audits for all schemas for which the company holds certifications, particularly ISO 20000/27001, including audits of 3rd parties, ensuring audit results are captured and communicated to stakeholders

Brief teams on the requirements of external audit and the evidence that needs to be retained and presented to show compliance

Manage external audit activities, directing activity during the audit, supporting colleagues in evidencing processes, and communicating results and action plans to relevant stakeholders

Track and manage to resolution non-conformances from internal and external audit

Plan, lead and document risk analyses to company standards and processes

Propose and develop appropriate quality & compliance policies and procedures

Lead on activities required to update current certifications as schemas change

Review Group standards proposals and produce gap analyses identifying areas of difference and the activities required to bridge the gap, along with recommendations for action

Support prioritization of improvement activities through quantifying improvements according to recognized continuous improvement measures

Act as a focal point for compliance and information security related queries from colleagues, customers and vendors, including during tender processes

Conduct Data Protection Impact Assessments

Review and align IT policies and processes to current and emerging legislation and industry best practice

Profile

Knowledge, Skills and Experience:

Strong working knowledge of the following:

ISO/IEC 20000 schema, controls and internal audit

ISO/IEC 27001 schema, controls and internal audit

GDPR

Relevant Legislation

Root Cause Analysis Techniques

Experience of planning and conducting audits for ISO/IEC 20000/27001

Experience training how to conduct audits

Experience presenting to senior IT leadership teams

Knowledge of compliance requirements and audit experience for Cyber Essentials/Plus

Experience creating and monitoring compliance dashboards

Experience working with certifying auditors

Knowledge of Health Information Governance Toolkit/DSPT

Job Offer

Competitive salary and benefits on offer with the role.
