Your new company
My client is a leading player in the top 10 accountancy firms within the UK. You can work remotely or be in the office but will sometimes be asked to come into the office for specific purposes. You will report into the GRC manager and help them as needed in other areas. We are a regulated business so be aware that there are some formal standards and policies that you will need to enforce across our business. You will be expected to work quickly, and not be afraid of taking decisions or being held accountable for your actions. We want people who will challenge the status quo, who look to innovate and inspire others to do the same.

Your new role
Management You will manage the security risks associated with programme, project, and CAB changes Projects

• You will assess the risks to our business from technical changes put through projects and help the Architects design secure alternatives
• You will ensure each solution you review is penetration tested, when you will review the responses and ensure the project team are aware of the risks and has an opportunity to fix them
• Responsible for drafting reports and keeping the projects risk register

Risk

• You will assess the risk to our business any technical change asked of you and ensure Senior Security management are aware of any findings

Compliance

• Responsible for ensuring My client stays compliant to all UK legislation and regulations which relate to either technology or security.

Other

• You will champion and support the Security strategy across the UK business.
• You are responsible for managing, populating and maintenance of Information Security GRC tooling.
• Establish and keep regular communications with the firm's Project Managers and Technical Architects.
• You will set up and keep a projects calendar ensuring senior management are aware of the status of risk within our change programme.
• Maintains knowledge of security trends including changing threats, emerging vulnerabilities and bring this knowledge in to protect the firm.

What you'll need to succeed
Technical Skills

• Obtain and keep existing and future accreditations following applicable regulations, client and other relevant internal requirements and industry best-practices.
• Knowledge and experience of industry standards such as ISO 27001 and Cyber Essentials.
• Knowledge of cross-border regulations, such as GDPR and EU Data Privacy rules.
• Extensive information security experience, across broad security domains.
• Experience working with technical people responsible for implementing security technology.
• Experience of project management.
• Experience of working with GRC tools, preferably SaaS (Software as a Service) based.
• Ability to dig into details as well as analyse data from a high-level view.
• Understanding of the compliance, legal, financial and ethical obligations that organisations should have with respect to logical and physical security, personally identifiable information and data protection.
• Comprehensive knowledge about data handling and IT security best protocols.
• CISSP/CISA/CISM/CRISC certification preferred but not essential.

Person Specification

• An experienced Information Security person with broad sector experience.
• Must work well with others in the team and acts as a role model, setting ambitious standards of quality.
• Must show commitment to self-development and be able to turn that passion for developing into coaching for others.
• Must be a great influencer, who can work at all levels within our business.
• Must be a clear communicator with exquisite verbal and written skills.
• Must be an innovator who always seeks to make processes simpler and better value for our business.
• Must not be afraid of making mistakes, a successful candidate is a risk taker.
• Must love working with documents and can show their flair for presentation in everything they do.

What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.