HomeCareers

Cyber Assurance Manager

Location: London/Remote

Division/Team: Cyber Security

Type of Contract: Full-time

You will be an innovative problem-solver, who can adapt quickly to new circumstances. This requires from multiple different assurance objectives – including legislation, regulation, standards and frameworks. You will be capable of using your knowledge and intuition to identify real-world security risks and helping stakeholders understand the best options they have available.

This position will suit somebody with a methodical and hands-on approach to assurance. You will need to be a good listener and confident communicator with a consultative approach. You will be looking to gain experience in operational assurance in a fast-paced business. You will have been a subject matter expert in security management with a broad understanding of other cyber security domains – including architecture, engineering and operations. Service delivery and project management experience is desirable, particularly experience with agile delivery methods and DevOps models.

Role and responsibilities

  • Identifying and analysing cyber security risks and providing advice to risk owners.
  • Conducting assurance reviews against standards-based compliance requirements.
  • Conducting Privacy Impact Assessments.
  • Management of continuous assurance lifecycle processes within operational environments.
  • Production of assurance evidence and reports for stakeholders.
  • Production and implementation of cyber security policies.
  • Evaluating the business impact of security incidents.
  • Providing advice and guidance on meeting security related statutory and regulatory requirements.
  • Assessment of security control designs and configurations for effectiveness in risk management.
  • Developing trusted relationships with security stakeholders.
  • Implementation and maintenance of security policies and processes.
  • Managing the delivery of security assurance services for projects.
  • Analysing security industry trends.


Requirements

Essential

  • Excellent working knowledge of the security risk management life cycle, preferably working with continuous assurance methods in Agile delivery – such as secure SDLC.
  • Excellent knowledge on a variety of different security technologies; such as cryptography, host intrusion, network and application firewalls.
  • Expert knowledge of cyber security policies and process.
  • Expert knowledge of security awareness campaigns.
  • Comprehensive understanding of threat and vulnerability management systems.
  • Comprehensive understanding of security information and event management systems.
  • Comprehensive understanding of common approaches to requirements definition, system design and engineering.

Desirable

  • Familiarity with major Cloud technologies, preferably working experience of a least one major PaaS provider – such as Azure or AWS.
  • A natural collaborator with a genuine desire to help your team achieve a common goal.
  • Knowledgeable when it comes to industry standards and good practice for information security risk, preferably working experience of ISO standards.
  • An understanding of designing and implementing security management systems.

Apply