Cyber Governance Analyst

Our client provides essential engineering services to maintain and renew critical infrastructure networks. Their multidisciplinary expertise is delivered through independently branded UK subsidiary businesses that support the day-to-day running of these networks. Each subsidiary operates with autonomy, enabling them to remain competitive and effective in their individual markets, while adhering to group-wide standards

As the group continues to grow and governance requirements increase, we are working with them to expand the central IT function to strengthen and add value to the existing team.

Responsibilities:

Reporting into the GISO, You will provide guidance as a first line of defence in maintaining the security controls in line with company policies and standards and would act as the liaison across subsidiary cyber services. You will also ensure that proactive risk management with good cyber control processes and audit requests are in place.

• Collaborate with IT and legal/policy teams to create, manage and ensure compliance with industry regulations and company specific policies.
• Implementing Information Security and Privacy Standards and Frameworks (e.g. NIST, CIS Security Controls).
• Working directly with engineering teams and architects to review system/data architectures through the development of patterns and industry best practice.
• Understanding and articulating the impact of vulnerabilities and required controls and mitigations on existing and future designs and systems.
• Ability to conduct Risk Assessments and effectively translate and accurately communicate security and risk implications to technical and non-technical stakeholders.
• Manage and support Project stakeholder expectations and be flexible, agile and pragmatic.

Requirements:

• In-depth knowledge of cybersecurity frameworks (e.g., NIST, CIS Security controls)
• Previous role with similar responsibilities in supporting effective governance, monitoring controls and internal processes, managing identified risks.

Why Apply?

This is an opportunity for the right candidate to work across multiple companies with great individuals and help shape a secure environment for the business to operate in. Whilst this role can be remote, travel to sites will be required which would suit the nortern part of the UK.