Head of Cyber Security, Risk Management & Business Continuity
A Fortune 500 company, our client is one of the world's major project development and construction groups. The UK operation is a leading contractor in Building & Building Services, Infrastructure & Infrastructure Services, Utilities and Cementation. An ethical, inclusive, value driven and people focussed company; the UK had revenues of £1.678bn in 2016 and employs c5,813 people. Global revenues for 2017 were c£14.64bn. Working collaboratively with customers, partners and the supply chain, the company makes a positive difference to society.
IT, an important enabling function at the heart of the company, is undergoing a transformation programme aligning IT services and support more directly with the Business Units and corporate functions to meet the demands of their businesses and potential growth.
In these days of heightened focus on all aspects of Security, a new and challenging role has emerged; the Head of Cyber Security, Risk Management & Business Continuity. A member of the IT Leadership team, reporting to the CIO, with a dotted line to the Global CISO, you’ll be responsible for strategy and governance for Cyber Security, Risk Management & Business Continuity. You will own and develop strategy and planning for Security and Continuity programmes to detect and protect against potential threats. Risk requires a framework for recording, monitoring and managing technology related risks.
Specific responsibilities will include;
- establishing and maintaining relationships with stakeholders across the business; engaging with the Global CISO and steering groups for group wide strategic planning,
- forming a Cyber Security and Risk advisory board aligned with governance functions and developing UK Cyber Security policies and controls for physical, cloud and third-party sites,
- ensuring a metrics and reporting framework is in place to measure efficiency and effectiveness of programmes and operations also assessing risk in the supply chain and third-party suppliers.
- Working with IT teams to build alignment between security, enterprise architecture and solution design; also working with relevant stakeholders to ensure all information meets applicable laws and data privacy regulations.
- Team management, goal setting, performance reviews and career development, coaching and mentoring, also including contract resource.
Of graduate calibre with an IT/Cyber Security degree or equivalent business level qualification, you’ll need one or more CISSP or CISA, CISM accreditations and knowledge of IS frameworks such as ISF, ISO/IEC 27001, ITIL, COBIT, NIST and SIEM. You’ll have a proven track record in IT and Cyber Security, Risk & Business Continuity in progressive roles in a major corporate; along with
- the development of cyber security, risk & business continuity policies and procedures across applications and servers including configuration, monitoring and response to security system events;
- Experience in a highly regulated environment; broad Construction industry a preference.
- Financial management for forecasting and budgeting, project management for scheduling and resourcing
- judgement and initiative to contribute at the Leadership level and manage and motivate a team as well as third parties.
- a commitment to service quality, continuous improvement and process maturity, sound communication and presentation skills, a collaborative nature with an inquisitive, analytical approach, able to influence at all levels to achieve company objectives.
The office base will be either in London, at HQ near Rickmansworth or in the Doncaster office. If based in London or Doncaster, the individual will need to spend at least 2-3 days a week at HQ. This person will need to travel internationally as required.
To find out more about this interesting opportunity please send your CV and reasons for applying to Rushworths.