Back to Job Search
Information Security Risk Manager
Information Security Risk Manager
- Job Type:Permanent
Posted 9 months ago
- Sector: Hosting & Infrastructure
- Expiry Date: 29 November 2023
- Job Ref: J10565
Join the Access Family and see how we make software ideas become a reality! Our core value of ‘Love Work, Love Life, Be You’ has been central to our success and so we’re looking for people to join us who share our passion for making things better every day and help us continue to grow.
We are the number one UK headquartered software provider in the UK and are forecasted to grow to a global population of over 12,000 employees by 2026.
What are we all about?
At Access, we love software and how technology never stays the same. It's this obsession that drives us to work closely across sectors to understand the business needs of our customers - from the Hospitality sector, to Manufacturing industry, to Not for Profit’s to Construction, and many more.
We're passionate about helping our customers stay one step ahead of the challenges facing their industry and business, currently helping over 60,000 customers to have the freedom to do more.
About you:
You are passionate about information security risk management and are looking for a job that will be varied, busy and provides an opportunity to expand your knowledge and develop a career.
You are a dedicated and committed professional who pays attention to the detail and who can adapt to an ever-changing environment. Working as an essential member of a small team, keeping pace with company growth, and maintaining Information Security compliance across the Access organisation.
You take ownership of your workload, prioritising, working autonomously if necessary to deliver consistent results that support the overall objectives of the business.
Day-to-day, you will:
• Working with the Group Information Security Manager to develop the strategy for and roll out an IRM (information risk management) Framework.
• Working to support the Directorates and Functions within the Access to implement the IRM and strategies and frameworks.
• Providing specialist resource, advice and capability on managing the risks in regard to the protection of information and data.
• Taking the outcomes of audits and incidents and articulating them as risks and adding these to the relevant risk register.
• As part of the Risk Operations group analyse the current risk profile of Access and it’s Directorates and developing a risk dashboard.
• Using the due diligence and cyber risk reports on acquired businesses work with them to develop a risk register and ensure this is integrated into Access registers.
• Apply a high-level view across all the registers and ensure emerging risks are recorded.
• Continual improvement of the risk gathering, recording, and reporting in Access.
• Ensuring that actions outlined in the risk registers are being carried out in a timely manner and that the risks are updated accordingly.
• Support the audit process with providing registers for evidence.
• Working closely with the ARC (Audit and Risk Committee) to feed in the information security risks to the overall corporate risk profile.
• Support and carry out internal ISO27001 audits, working with the team to ensure that all Access locations have been audited in line with the schedule and that any subsequent actions have been recorded and completed.
• Support the Information Security Manager in organising and managing external ISO27001 audits for all Access locations in scope. Assisting in gathering the evidence and ensuring opportunities for improvement and non-conformities are implemented.
Your skills and experiences might also include:
• Previous working experience of information security risk (CISM or CISSP would be an advantage)
• An excellent understanding of the ISO27001 framework
• Previous experience with managing multiple risk registers across a large organisation
• Proven ability to engage with stakeholders at all levels of the organisation
• The ability to effectively analyse risk and effectively report this to management teams
• Strong communication skills
What does Access offer you?
We are a growing software company, and we deliver on what we say we do! We take the development of our people very seriously and we will work with you to carve out your success plan and an opportunity to accelerate your career and make a real difference.
On top of a competitive salary, our standard 25 days holiday (which goes up the longer you’re with us), and a matched pension scheme you’ll also be able to choose from a range of benefits to suit you. We pride ourselves on being an organisation that gives back so you’ll also have a charity day you can take to support something that matters to you.
At Access we’re all about helping everyone Love Work and Love Life. Why? Because we believe people can only be their best when they can be themselves. So, if you are excited about this role, but your past experience doesn’t match perfectly, we’d still love to hear from you. You might just be whom we are looking for.
We love the fact that we’re all different. We believe by having more diverse perspectives at work improves how we run our business, helps us to better support our customers, and when you think about it, it’s just more fun!
What’s holding you back? Come and be part of our Amazing Access Family!
Love Work. Love Life. Be You.