Cyber Security (Governance, Risk & Compliance) Lead

Posted 12 days ago

  • West Bromwich, West Midlands
  • Any
  • External
  • Expired - 3 months ago
Cyber Security Lead (GRC)

Salary: up to £80,000 per annum dependent on skills and experience
Hours: 35 hours per week
Contract: Permanent
Location: Hybrid

The Role

We are seeking a highly skilled and experienced Security Governance, Risk, and Compliance (GRC) Lead to join our dynamic team. As the Security GRC Lead, you will play a critical role in establishing and maintaining an effective security governance framework, managing risk assessments and ensuring compliance with relevant regulations and standards.

Key responsibilities:

As a Security GRC Lead you will provide SME oversight for all Security Governance, Risk Management and Compliance aspects. You will report to the Chief Information Security Officer (CISO) and help the society clearly understand their exposure to cyber security threats by remaining current with the continually evolving information security threat landscape and using this to be ‘threat-led’ in relevant work.

Governance:
  • Understand the business context and develop, implement and maintain a comprehensive security governance framework across all areas of the society.
  • Define, help implement and enforce security policies, standards and procedures.
  • Collaborate with key stakeholders to ensure alignment of security initiatives with business objectives, drivers and demands.

Risk Management:
  • Lead and conduct regular risk assessments to identify and evaluate potential security risks at a business function, process and technical level, clearly articulating them both verbally and in writing to key stakeholders.
  • Review the effectiveness of controls and countermeasures (in relation to known control frameworks as appropriate) and propose, develop and implement proportionate risk mitigation strategies and improvements.
  • Monitor and report on the status of identified risks to senior management, the society’s information security forum and other governance committees.
  • Chair security committees, as directed.

Compliance:
  • Ensure compliance with applicable laws, regulations and industry standards.
  • Stay current with evolving regulatory requirements and update security controls accordingly.
  • Manage and coordinate internal and external security control assessments and audits.

Security Awareness:
  • Develop and deliver security awareness programmes for employees.
  • Foster a culture of security consciousness throughout the society.

Incident Response:
  • Establish and maintain an incident response plan.
  • Lead incident response efforts, collaborating with relevant teams to contain and mitigate security incidents.

Qualifications:
  • Security qualifications in relevant fields (e.g., CISSP, CISM, CRISC, ISO 27001LI/LA) preferred.
  • Proven experience in security governance, risk management and compliance.
  • Strong understanding of relevant regulations and standards (e.g., GDPR, ISO 27001, NIST).
  • Excellent communication and collaboration skills.

Skills and Experience:
  • Excellent interpersonal skills as well as both written and verbal communication and presentation skills.
  • Have a minimum of 5 years of experience in security GRC roles.
  • Have strong experience in a commercial industry such as financial services, banking, insurance.
  • Practical understanding of technical aspects of cyber security (e.g., threat modelling, vulnerability management, penetration testing, protective monitoring).
  • Azure Cloud Security, Exchange Online, and MS Defender experience would be beneficial.
  • Conditional Access policy knowledge and confidence in preparing technical risk assessments.
  • Demonstrated success in implementing and managing security governance frameworks.
  • Track record of effectively managing security risk and ensuring compliance.
  • Understanding of regulatory requirements, standards and frameworks such as CQUEST, ISO 27001, and Cyber Essentials.

Why choose the West Brom?

At the West Brom we appreciate that our employees are unique individuals with differing needs depending on their specific circumstances and stages in life. When we say our people are the West Brom’s biggest asset that doesn’t mean just viewing them as employees. We are proud of our heritage and absolutely believe that the West Brom is a great place to work.

The West Brom are a Disability Leader employer and encourage disabled applicants and applicants from diverse backgrounds to apply. We will consider requests to make adjustments to our recruitment process and offer a guaranteed interview to disabled applicants meeting the essential criteria. Should you require assistance please do not hesitate to email ##### out our careers page to find out more about our culture, values and benefits. If you share our values and our enthusiasm, then you will find a home at the West Brom.

Do it today and click apply!

*Please note – We reserve the right to withdraw our adverts earlier than the original published expiry date, therefore if you are interested please submit your application as soon as possible*

Head Office: 2 Providence Place West Bromwich B70 8AF.
www.westbrom.co.uk

The West Brom is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and Prudential Regulation Authority. Register no. 104877. ‘the West Brom’ is a trading name of West Bromwich Building Society.