Security Risk Management Lead - £100,000 - London
This job has now expired; please search on the home page to find live IT jobs.
Job Description

The client, rated one of the fastest growing technology companies in the UK 2 years in a row, are looking for an experienced and outcome-driven Security Risk Management Lead with excellent stakeholder management skills to join our fast-growing Security function.

In this role you'll be primarily responsible for designing and embedding the framework for managing security risks, developing security policy suite and setting out appropriate governance structures.

You'll build and manage a small team to drive the underlying activities.

Role & Responsibilities

- Build and manage a small team of security risk analysts
- Design, embed and manage a scalable security risk management framework, taking into account business context and relevant industry standards, regulatory requirements and stakeholder expectations
- Develop and update security policies, standards and guidance in collaboration with business stakeholders
- Create and manage a security risk acceptance process and relevant governance structures
- Assess security risks and track exposure and remediation activities
- Produce and deliver management reporting of security risks and metrics to relevant committees and stakeholders
- Drive and maintain compliance with industry standards such as PCI-DSS, ISO27001 and SOC2
- Organise relevant security awareness training

Skills & Qualifications

- Significant experience in security risk management in a fast-paced business, ideally a public technology company or in a regulated industry
- Previously defined policies, processes and procedures for managing security risk
- Expertise in performing security risk assessments in a cloud environment
- Previously been responsible for defining security metrics and producing security risk management reporting
- Good people management skills
- Comfortable having difficult risk management conversations with different stakeholders across the business in both technical/engineering and non-technical roles
- Experience working with enterprise-grade integrated risk management or GRC solutions (e.g. OneTrust)
- Familiar with security standards such as PCI-DSS, NIST, ISO27001 and SOC2

Nice to have

- A mix of consulting and industry experience in a relevant role
- Relevant industry certifications such as CISM, CRISC, CISA, CISSP

Click 'apply now' or get in touch with Emmabelle Nwadikwa on (0)203 909 9490 or [email protected]

Nigel Frank International is the global leader in Microsoft Recruitment. We are unparalleled in our ability to match skilled Azure/M365 professionals with exciting, challenging roles all across the UK and abroad due to many clients trusting us exclusively with filling their vacancies. We deal with both Microsoft Partners and End Users throughout the UK and Europe and we have never had more live requirements for Azure/M365 professionals. Please see www.nigelfrank.com for more fantastic Azure/M365 opportunities.

Nigel Frank International Ltd is acting as an Employment Agency in relation to this vacancy.