Working for a global MSSP & Professional Services Company, this role is instrumental in leading the company’s Cyber Governance, Risk and Compliance capability as they continue their growth and expansion. In this role you will shape, build and deliver all aspects of the capability working closely with the Director of Professional Services and other members of the consulting team.
You will be working as a lead member of the Professional Services team and will have responsibility for both the growth and management of the GRC team; delivery of client assignments; and assistance in sales opportunities to help further grow the client base.
You will be creative and proactive – helping define and deliver market leading propositions. The role will be very ‘hands on’ – scoping and delivering consulting projects to existing clients and building new client relationships. The company works with major household names and has big ambitions to scale-up their consulting capabilities – the scope for developing personally and professionally is huge.
You will bring a wealth of experience, knowledge and gravitas in the GRC arena and be comfortable operating at all levels with clients, talking authoritatively on your areas of expertise and helping clients in a truly consultative style.
You will provide leadership, direction and guidance in assessing and evaluating information security risks, monitoring compliance to security standards and appropriate policies (SANS, CIS, NIST, ISO27001, Cyber Essentials etc.) for clients.
Main tasks and responsibilities:
- Scoping and delivering projects to clients – working collaboratively with clients to understand the risks to their business, developing pragmatic and effective solutions, controls and security architectures.
- Developing cyber governance, risk and compliance propositions.
- Developing Governance Risk and Compliance skills and capabilities within the business.
- Using your experience and gravitas to deliver at all levels, including board level, of major organisations.
- Instilling a strong consultative approach across the team to ensure the build of long standing client relationships.
- Helping to win major client assignments that will further grow professional and managed services businesses.
- Leading the delivery or significant client engagements as well as supporting as a team member where required.
- Deep understanding of Information Assurance and related activities.
- Experience in conducting objective assurance reviews.
- Experience of Information and Cyber Security policy development.
- Knowledge of external Information Security standards and frameworks, such as: NIST 800-53, ISO 27001.
- Broad experience in risk management and the application of risk management methodologies.
- An analytical mind able to visualise, conceptualise, articulate problems and construct solutions.
- Excellent written communication skills; the ability to structure and articulate written communications in a persuasive and succinct form.
- Excellent verbal communication skills and strong presentation skills.
- Proven interpersonal skills and the ability to manage stakeholders.
- Information Security related degree or equivalent experience.
- Right to Work in the UK
Relevant Cyber Security Qualifications including but not limited to:
- CompTIA – Security+
- ISO27001 Lead Implementer
- ISO27001 Internal Auditor
- Certificate in Information Security Management Principles (CISMP)
- SANS – Introduction to Cyber Security (GISF)
- Payment Card Industry Professional (PCIP) and/or QSA
- Competitive salary, Bonus & flex bens