Information Security GRC Manager
Overview
- Oversee Altrata’s Information Security risk program and supporting processes
- Manage our project to implement ISO27001
- Facilitate Information Security risk assessments and actively identify risks to our organisation
- Maintain our SOC2 accreditation
- Maintain and improve security documentation (policies, standards, FAQs etc.)
- Take a leading role with our Business Continuity and Disaster Recovery programs
- Prepare reports on the status of the information security program to senior management
- Provide security awareness training to all business areas
- Support third party risk management activities
- Support with client assurance/due diligence requests
- 5+ years in industry coming from a GRC background
- Exceptional communication skills, managing and influencing stakeholders at all levels, including Executive Leadership
- Experience running ISO27001 / SOC2 projects, demonstrating that you have experience in implementing security controls and maintaining security compliance in accordance with industry standards.
- Experience managing Disaster Recovery/Business Continuity Plans/Tests and ensuring they are kept up to date and relevant for our clients and auditors
- Strong understanding of information security risk management methodologies and processes
- Experience in identifying, assessing, and managing security risks within an organisation.
- Good understanding of security controls and how to use them to mitigate risks. This includes high-level knowledge of technical security controls as well as administrative controls such as policies and procedures.
- Salary up to £70k with a competitive package
- 10% target bonus scheme
- Start date: 26th May
- Remote working – option available to work on site in London
- No sponsorship
- Must pass background and reference checks
- ISO27001 Lead Implementer or other relevant certifications would be desirable (CISA etc.)