Job Description

The role:

  • Oversee and support cyber security incident response, recovery and lessons-learned activities in relation to misuse, loss or compromise of sensitive company data, so as to closely support the Cyber Security Operations Lead and the wider cyber security management capability
  • Assist the Cyber Security Operations Lead in undertaking effective root cause analysis of security incidents to ensure prompt action is taken to prevent incident reoccurrence and strengthen relevant cyber security controls
  • Lead on the management and reporting of cyber security related risks within the Technology team's risk management governance framework and the overarching company risk management arrangements
  • Direct and oversee the management of IT related audits where wholly or significantly relevant to the company's cyber security controls and supporting arrangements
  • Mentor, develop and oversee the activities undertaken by a Junior Cyber Security Analyst as and when assigned
  • Have the ability to deputise for the Cyber Security Manager for certain pre-agreed tasks and activities
  • Lead and deliver activities within the continuous programme of cyber security improvement relating to policy, risk, compliance and awareness enhancements
  • Oversee, assure and improve the effectiveness of the company's Information Security Management System, maintaining compliance with ISO 27001:2013
  • Support the development and implementation of the Cyber Security Strategy ensuring alignment to the company vision, values and strategic objectives
  • Lead the development of multi-channel cyber security awareness materials and training to ensure company-wide and specialist audiences are effectively serviced and the effectiveness of such activities is measured to drive continuous improvements
  • Produce relevant and accurate cyber security metrics in relation to governance, risk, compliance and awareness measures to demonstrate their effectiveness to practitioner, senior management and business audiences
  • Develop and undertake risk-prioritised cyber security assurance activities on the services delivered by Third Party Service Providers where company systems and/or information assets are utilised

Qualifications and experience:

  • 5 years+ experience of management of Cyber Security
  • Holds an industry renowned information security qualification (such as CISSP, CISM or BCS ISMP)
  • Excellent verbal and written communication skills
  • Experience of managing cyber security in an IT environment with both internal and external service provision
  • Experience of orchestrating cyber security risk and control assessments
  • Highly self-motivated and action-oriented individual with a strong results-driven mentality
  • Excellent working knowledge of ISO/IEC 27001/27002 and ISMS operation
  • Excellent working knowledge of the Smart Energy Code
  • Excellent working knowledge of the Network and Information Systems Directive and the NCSC Cyber Assessment Framework
  • Establishes excellent relationships with senior colleagues and external stakeholders
  • Has good commercial acumen
  • A UK national suitable for completing UK Government security vetting up to SC level

Eames Consulting is acting as an Employment Agency in relation to this vacancy.