Senior Information Risk Advisor - Glasgow, United Kingdom - Spinwell

Spinwell
Glasgow, United Kingdom

1 month ago

Posted by: Tom O´Connor, beBee Recruiter


Description

Role: Senior Information Risk Advisor

Contract Length: 12 months with possible extension

Location: Hybrid/Edinburgh or Glasgow

IR35: Outside

Pay Rate to Intermediary: £605 per day

Security Clearance: Disclosure Scotland

Spinwell is recruiting for a Senior Information Risk Advisor for an excellent opportunity within the public sector.


RESPONSIBILITIES OF THE SENIOR INFORMATION RISK ADVISOR

  • Formulate strong relationships between the Information Security and Risk function and business teams:
  • Promote Information Security and Risk Services offered.
  • Conduct technical assurance activities of systems, services, and products.
  • Provide advice, guidance, and facilitation of information security processes.
  • Assist stakeholders in understanding and fulfilling their information security roles and responsibilities.
  • Communicate the requirements of Information Security Policies and Standards, to ensure that teams and colleagues are able to comply with them and that protective measures for information assets are adequate.
  • Requirements for 'Security & Information Risk Advisor' services
  • Deliver sessions and workshops for the scoping, identification, and analysis of security risks to the confidentiality, integrity, and availability of information assets, and propose appropriate controls and actions for risk remediation.
  • Discuss potential opportunities for improvement to information security policies, processes or controls with teams and record the proposed improvements in the ISMS Tooling for management analysis.
  • Observe instances of Non-Conformance, providing details of findings and the motivation for the issue. Use ISMS Tooling to record and prepare reports for the relevant ISMS Domain Sponsor, who will determine corrective action. Liaise with teams on required actions to discuss timeframes and delegation of resources.
  • Undertake internal audit/assurance activities to observe and evaluate ISMS processes and Security Controls and provide internal stakeholders with reports that outline findings and areas for improvement of compliance.
  • Contribute towards the development of Information Security and Risk policies, standards, and processes, including the maintenance of operating procedures and ensure appropriate ISMS document control is applied.
  • Deliver education and awareness sessions to technical and non-technical teams to enhance information security and risk knowledge and confidence.
  • Support internal stakeholders during independent audits through prior preparation of ISMS artefacts and records to be available upon request by the auditor.

SKILLS/EXPERIENCE OF THE SENIOR INFORMATION RISK ADVISOR

  • Identification, assessment, and management of risk
  • Security assurance and the measurement of controls
  • Creation of ISMS and IT Security documentation (Policies, Standards, Processes, Procedures and Patterns)
  • Internal and Third-Party Audits
  • Risk and threat modelling
  • Compliance and Assurance Activities
  • Business process analysis and mapping (to determine alignment against agreed industry practice and recognised control frameworks)
  • Certified Information Systems Security Professional (CISSP)
  • Certified ISO 27001 Lead Implementer/Auditor of Management Systems (including Information Security and Business Continuity)

Job Types: Full-time, Temporary contract

Work Location: In person
