Job Description
Information Security Risk Manager, £750 per day, (Inside IR35), 6 Months Contract
Bestman Solutions is working with a global firm company in their search for a Senior Information Security Risk / Technology Risk Management Consultant.
As the Information Security Risk Manager, you will be responsible for developing and implementing the Security Risk Management Framework within our organization. Your primary focus will be to ensure that security risks are identified, assessed, and managed in alignment with our risk appetite. Working closely with business areas, you will understand their key security risks and collaborate on mitigation strategies where necessary.
You will classify services based on CIA criteria, conduct periodic risk assessments, monitor remediation plans, and stay informed about external security trends and regulations to support effective security risk management.
Furthermore, you will facilitate the quarterly review of the DTS Risk submission to Enterprise Risk Management, ensuring alignment with organizational objectives and regulatory requirements.
Responsibilities:
- Develop and implement the Security Risk Management Framework, ensuring alignment with organizational goals and objectives.
- Identify, assess, and manage security risks in accordance with the organization's risk appetite and tolerance levels.
- Collaborate with business areas to understand their key security risks and establish mitigation plans where relevant.
- Classify services based on their Confidentiality, Integrity, and Availability (CIA) criteria, ensuring appropriate protection measures are applied.
- Conduct periodic risk assessments of key services and monitor remediation plans to address identified vulnerabilities.
- Stay informed about the external security environment, emerging trends, and regulatory requirements to support effective security risk management.
- Ensuring accuracy and completeness of risk assessments.
- Provide guidance and support to teams across the organization on security risk management practices, policies, and procedures.
- Collaborate with internal stakeholders to develop and implement security controls and measures to mitigate identified risks.
- Monitor and report on security risk management activities, including key metrics, trends, and areas of concern, to senior management and relevant stakeholders.
Qualifications:
- Proven experience in information security risk management within a complex organizational environment.
- Strong understanding of risk management frameworks, methodologies, and best practices.
- Experience collaborating with cross-functional teams and driving transformation initiatives.
- Excellent communication and interpersonal skills, with the ability to effectively convey complex technical concepts to non-technical stakeholders.
- Industry certifications such as CISSP, CISM, CRISC, or equivalent are highly desirable.
- Demonstrated ability to think strategically and innovate to solve complex problems.
- Strong analytical and problem-solving skills, with a keen attention to detail.
- Ability to work independently and manage multiple priorities in a fast-paced environment.
This is an urgent position and interviews can commence quickly.