No more applications are being accepted for this job
- Manage our risk register, including ensuring risk mitigations are on track and risk acceptances are regularly reviewed
- Conduct and support risk assessment and threat modelling activities
- Maintain security policies and other key security documents
- Support security governance activities
- Monitor our security KPIs and Metrics and produce our monthly Security Reporting Pack
- Drive compliance to our security framework
- Assist our 'Quality and Management Systems' team with maintaining ISO 27001, Cyber Essentials Plus and other security certifications
- Manage our risk register, including ensuring risk mitigations are on track and risk acceptances are regularly reviewed
- Conduct and support risk assessment and threat modelling activities
- Maintain security policies and other key security documents
- Support security governance activities
- Monitor our security KPIs and Metrics and produce our monthly Security Reporting Pack
- Drive compliance to our security framework
- Assist our 'Quality and Management Systems' team with maintaining ISO 27001, Cyber Essentials Plus and other security certifications
- Manage the security assurance schedule
- Organise security tests and assurance activities, including tracking of the remediation of findings
- Help define assurance activity scopes and ensure overall coverage of assurance work
- Perform security assessments against industry standards, including against technical standards (e.g. NIST, CSA STAR)
- Perform security assessments of non-technical aspects of security (e.g. assessing security culture through maturity assessments, phishing tests, etc.)
- Conduct security due-diligence on third parties
- Help drive employee security awareness
- Support the InfoSec Director with various activities (e.g. defining a security strategy)
- Support the wider InfoSec team with various activities (e.g. threat modelling, post-incident reviews, vulnerability triage)
- Support non-security projects with following a DevSecOps approach, especially the security risk and security assurance aspects of such an approach
- Working in a siloed environment with no freedom to make decisions.
- Working in an environment where you can't see the impact your expertise makes.
- Experience of complex and technical security risk assessments
- Experience organising and overseeing security assurance activities, including penetration tests
- Experience conducting third party security assurance
- Ideally have experience of threat modelling
- Exposure to Agile working
- Knowledge of ISO 27001 and other commonly used security standards
- Understanding of modern cloud technologies
- Desire to be part of a small fast-paced team
- Relevant certifications, such as: ISO 27001 Lead Auditor/Implementor, CISM, CISA, CISSP
- Salary up to £65,000
- Generous company pension packagewith employer contributions of up to 12%
- 30 days annual leave (plus bank holidays.)
- Continuous career development with regular appraisals and learning and development opportunities.
- A lovely new office in Holborn, Central London - we offer flexible and remote working arrangements
- Join us - let'sprevent disease together
Security Risk and Assurance Manager - London, United Kingdom - Our Future Health UK
Description
We are expanding our Security Team Our Future Health are looking to recruit a Security Risk and Assurance Manager, this is a new opportunity where you'll join the newly formed Security Team, reporting into our Director of Information Security. In this role, you'll take the lead on security risk activities, managing our security risk register, security assurance which includes third party security assurance. If you have experience of the above and you're looking to contribute to our mission, we'd like to see your application.
At Our Future Health, our mission is to transform the prevention,detectionand treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke. We're looking for people to join us on our journey. If you're looking for a new challenge where you can contribute to helping future generations live in good health for longer, then we're keen to speak with you. What you'll be doing: This role should help us mature our approach to security risk management and security assurance, including third party security assurance. In this role, you will be responsible for: GRCWe are expanding our Security Team Our Future Health are looking to recruit a Security Risk and Assurance Manager, this is a new opportunity where you'll join the newly formed Security Team, reporting into our Director of Information Security. In this role, you'll take the lead on security risk activities, managing our security risk register, security assurance which includes third party security assurance. If you have experience of the above and you're looking to contribute to our mission, we'd like to see your application.
At Our Future Health, our mission is to transform the prevention,detectionand treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke. We're looking for people to join us on our journey. If you're looking for a new challenge where you can contribute to helping future generations live in good health for longer, then we're keen to speak with you. What you'll be doing: This role should help us mature our approach to security risk management and security assurance, including third party security assurance. In this role, you will be responsible for: GRCSend me alerts about jobs like this.
Please enter your email address to continue setting up an email alert for similar jobs to this one. By entering your email address and clicking apply you will sign up to Jobs4 and agree to our terms and conditions .
#J-18808-Ljbffr