Log In Sign Up

Cyber Risk Manager - London

Premium Job From BCT Resourcing

Recruiter

BCT Resourcing

Listed on

20th February 2020

Location

London

Salary/Rate

£80000 - £95000

Type

Permanent

Start Date

2020-02-20

This job has now expired please search on the home page to find live IT Jobs.

Senior Cyber Risk Manager

London

£80000 - £95000 per annum

As part of our global cyber security programme, you will support the business in continuously challenging and thus strengthening the confidentiality, integrity and availability of its clients data, our intellectual property, and our IT assets.

As a member of the Cyber Risk Management team, you will be responsible for various cyber risk related activities that include: risk assessments and reviews of business and IT processes and solutions, technical security assessments of new applications or technology, due diligence reviews of outsourcing partners, security awareness training and provide cyber risk consultancy.

Main tasks/activities:

* Conduct risk assessments of new or materially changed systems and facilitate or conduct associated security penetration testing.

* Act as the technical lead on mobile security risk assessments.

* Conduct risk reviews and spot-checks to ensure ongoing compliance with security regulations.

* Provide training and education for staff on all aspects of Information Security.

* Perform vendor due diligence and risk assessments to gain assurance of their Information Security practice, including ongoing reviews.

* Respond to Information and Cyber Security questionnaires and audits by clients and regulators in close collaboration with the business functions, IT, and Legal.

* Assist with development and maintenance Global InfoSec policies and standards in-line with changing business and regulatory requirements as well as changing industry good practice.

* Contribute to the ongoing development of the Information Security function, its processes, and tools.

Position Requirements:

* A graduate or masters degree in Computer Science, IT or related fields - ideally with an IT security focus or equivalent background.

* At least 5 years experience in a related role, preferably in a similar position at a financial, insurance, or healthcare institution with a global footprint.

* Experience in performing application and infrastructure penetration tests and using associated frameworks and tools (OWASP, Nessus, etc.)

* Understanding of protocols and application techniques like HTTP, Kerberos, OAuth, SAML, containerisation technologies, microservice infrastructure, secure APIs, secure DevOps practices.

* A history as developer and have a good infrastructure engineering and security related background (optional extra)

* Strong knowledge and practical implementation experience of security frameworks and regulations (ISO27001/2, NIST, HIPAA, OWASP, PCI).

* An in-depth understanding of cyber security threats, attacks and countermeasures.

* Must be able to work independently under limited supervision and to coordinate and prioritize work to meet agreed deadlines.

* Excellent communication, interpersonal, and presentation skills.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below:

Google Chrome
Google Chrome
 Opera
Opera
 Mozilla Firefox
Mozilla Firefox