Venesky-Brown’s client, a public sector organisation in Edinburgh, is currently looking to recruit an Information & Cyber Security Manager for an initial 6 month contract with option to extend on a rate of £600/day (Inside of IR35). This is a hybrid role with occasional working from the office, a minimum of 2 days per week.
Responsibilities
* Provide Information/Cyber Security guidance, expertise and representation at project/change meetings
* Work closely with the Department Head to:
o Support development of plan, and establishment of, dedicated IT Service & Security governance/review meetings with the client’s IT Supplier base (Security Focus)
o Research and document the respective splits of security responsibilities (in relation to IT Security, Information Security and Cyber Security)
o Perform gap analysis of Information/Cyber Security industry best practice versus activity currently performed by the client (or as delegated and overseen through effective supplier oversight/governance)
o Support ongoing creation and regular upkeep of Information/Cyber Security Risk and Control Register
o Support review/revision of the client’s Cyber Incident Response Plan
o Support creation of Target Information Security/Cyber Security Operating Model and Resource Profile/Structure
o Support delivery of actions required to support closure of open Information/Cyber Security related risk and audit actions
o Ensure that Business Transformation has a robust Business Continuity plan, fully aligned with the Estates Team’s expected pro-forma/standards
* Relevant Information/Cyber Security qualification(s) e.g. CISM, CISSP, ISSMP etc.
* Involvement with the establishment and/or ongoing oversight of Information/Cyber Security Supplier Management
* Familiarity with best practise Information/Cyber Security Incident Response Plans and Playbooks
* Involvement in the establishment/maturity of Information/Cyber Security processes of medium sized (or large) enterprises
* Involvement in setting and/or refining Information/Cyber Security Strategy and Operating Models
* Aware of IT Risk and Control management fundamentals
* Experience of production of quality, accurate Security related MI reporting
* Experienced in providing Security related input/representation/task ownership and delivery for Projects and Programmes
* Active involvement with Information/Cyber Security enterprise wide maturity assessments
* Awareness of Business Continuity planning
* A confident and clear communicator with high quality verbal and written communication skills
* Calm and courteous demeanour when faced with difficult/challenging circumstances
* Able to plan and deliver assigned responsibilities to quality and time without close ongoing support/supervision
* Able to thrive in situations where information is only partially available and requires to be gathered by discussion with other stakeholders
* Inquisitive, self‑motivated, resilient and results‑driven
* Advanced knowledge and experience of Supplier Management and Governance from an Information/Cyber Security perspective
* Significant, broad experience of Information Security/Cyber Security Management within a highly regulated complex corporate environment e.g. UK Financial Services
* Able to take a high‑level briefing from Department Head level and then successfully develop plan/deliver to agreed dates with little day‑to‑day coaching, guidance and supervision
* Practical exposure and active use of Information Security/Cyber Security risk assessment methodologies
* Prior experience in establishing/shaping/refining an organisation’s Information/Cyber Security Operating Model
* Able to collaborate effectively with senior level non‑technical stakeholders and communicate persuasively
* Advanced planning, prioritisation and stakeholder management skills
* Experience leading Information/Cyber Security enterprise wide maturity assessments
* Advanced written and verbal communication skills
If you would like to hear more about this opportunity please get in touch.
#J-18808-Ljbffr