Cyber Security Governance & Assurance Manager
Job Description
Based at Culham, Oxfordshire. This role is suitable for hybrid and fully remote working.
Salary up to £60,541 plus a £2,000 South East Allowance if based in the area and a generous benefits package
Permanent/Full Time
The Civil Nuclear Constabulary (CNC) is an armed police service dedicated to the nuclear industry. Our vision is to be recognized as a provider of a world-class service for the protection of nuclear material and facilities. Given the critical nature of our work, we seek skilled and committed professionals to join our high-performing team.
The Cyber Security Governance & Assurance Manager will be passionate about cyber security and play a key role in protecting critical systems and information. They will oversee compliance with cyber security policies, manage cyber risks, and ensure systems and processes meet the highest standards.
Key Accountabilities
* Enhance and maintain governance and assurance frameworks for Cyber Security & Information Assurance (CS&IA) risk management.
* Monitor progress against the Cyber Security Strategy and report on Key Cyber Objectives (KCO) and Key Cyber Activities (KCA) to CNC leadership.
* Assure the adequacy of CS&IA reporting to governance forums.
* Identify, report, review, and act upon cyber security risks.
* Share, report, and act upon outputs from the IT cyber risk register and penetration testing.
* Define and monitor thresholds and tolerances for cyber security controls on critical systems.
* Oversee the reporting of Management Information with defined requirements.
* Ensure third-party vendors comply with security policies through regular risk assessments.
* Advise on implementing 'secure by design' principles, governance, and compliance frameworks.
* Monitor security controls to secure data and information systems.
* Assess the effectiveness of cyber risk assessments and management plans, recommending improvements.
* Support disaster recovery planning and testing.
* Assist in cyber security audits and review legal and regulatory compliance.
* Deliver reports and briefings to stakeholders.
Skills and Experience
Personal Attributes:
* Attention to detail and a methodical approach
* Excellent communication, collaboration, and external engagement skills
* Leadership and influencing abilities
* Proficiency in formal documentation and presenting complex information
* Analytical skills for effective decision-making
* Awareness of social, ethical, and environmental impacts of cyber decisions
Specialist Skills:
* Planning audits or compliance reviews
* Risk assessment and management skills
* Knowledge of sector-specific audit requirements and tools
* Understanding of relevant legislation, regulations, and standards
* Familiarity with SIEM, network analysis tools, techniques, and procedures
* Ability to challenge and rigorously test policies and systems through an adversarial approach
Qualifications
Desirable qualifications include CISP, ISMP, CCST, CompTIA, or similar Risk Management Qualification. Membership of CIISec is an advantage.