Information Security Risk Lead, Governance, Risk & Control, GRC
- Employer
- Proprius Recruitment
- Location
- Horsham, West Sussex
- Salary
- From £90,000 to £115,000 per annum Plus £10,000 Car Allowance + Excell
- Closing date
- 16 Mar 2019
- Sector
- Technology
- Contract Type
- Permanent
- Hours
- Full Time
Information Security Risk Lead, Governance, Risk & Control, GRC - As Senior Security Risk Lead you will support the risk identification and management process across all aspects of Information Security. Responsibilities include assessing the current adequacy of the security strategy, threat vectors, resilience plans, etc., and then understanding and calculating the impact of potential adverse events. Audits and assessments must be continual, as the threat / risk profile changes constantly.
You will keep line and executive management up to date on the results of the risk and control assessment activities, and be able to articulate pragmatic recommendations for remediation or risk treatment to protect systems and / or reduce exposure.
Monitor key risk and control indicators, reviewing annually the appropriateness and effectiveness of each key indicator in helping manage the risk profile. Lead and / or support in-depth risk assessment / reviews and control assessment activities, including identifying and documenting risks and controls, creating detailed process flows and assessing the implementation and operating effectiveness of key controls.
Operate and maintain information security and acceptable use risk management frameworks, methodologies and independent assurance activities with a focus on business impacts. Monitor and report information security and acceptable use risks against the appropriate risk appetite statements.
Provide oversight and effective challenge over risks relating to information security and acceptable use to influence senior management decision-making.
Maintain an appropriate risk management and governance structure to provide appropriate oversight of new technologies.
Develop and maintain the annual risk and control monitoring plan, ensuring its effective execution and completion.
You will have experience in:
Delivering against a Senior Risk Management role.
Excellent understanding of modern governance, risk and control frameworks.
Expert knowledge of Information / Cyber Security and Cyber Resilience.
In-depth knowledge and experience of creating / maintaining a risk control framework and the appropriate reporting.
Strong experience in gap analysis of risk policy.