Risk Manager

Recruiter: Confidential
Location: Bath
Salary: Circa 65K
Posted: 20 May 2021
Closes: 17 Jun 2021
Contract Type: Permanent
Hours: Full Time
We are seeking an experienced Risk Manager with strong government or MOD experience for this rapid growth consultancy - multiple roles available.
You will be required to consult with a wide range of public sector companies with regard to risk and risk assessment projects - the role is home based with occasional travel (expensed).
Key responsibilities:
* Conduct and attend reviews against time & budgetary evidence & review KPIs.
* Risk assessment - support of the full risk lifecycle (risk identification; risk assessment; risk response & mitigation; risk and control monitoring and reporting, including required management information) for all systems, projects and programmes, using the Governance Risk Management & Compliance (GRC) tool where required.
* Providing evidence to support the client in accurately understanding its current security maturity and assurance levels. Providing evidence to support the client in identifying and achieving its target security maturity level as efficiently as possible. To present strategic, tactical, process & delivery suggestions to improve the security of the client, including but not limited to increasing the security risk maturity level and supporting the successful rollout of the GRC programme.
Key skills required:
* 5 - 10+ years working in HMG (minimum 3 years) and familiarity with the HMG Security Policy Framework
* NIST
* ISO 27001 and use of the NCSC guidance (standards, GPGs, etc.).
* You will also need to demonstrate knowledge of applying the Computer Misuse Act, DPA 98 and now GDPR 2018, the Freedom of Information Act 2000 and RIPA 2000 in the cyber security field.
Desirable skills (one or more of the following):
* ISO/IEC 27005 Certified ISMS Risk Management (CISRM)
* Certified Professional (CCP) Security and Information Risk Advisor (SIRA)
* Certified Information Systems Security Professional (CISSP)
* Certified Information Security Manager (CISM)
* Certification in Information Security Management Principles (CISMP)
* Governance Risk & Compliance Professional (GRCP)
* CPP in Security Management (Certified Protection Professional)
Home based with occasional travel.
More details on application