Cyber Assurance and Compliance Lead
Permanent, full-time role offering £65 000 - £70 000
Location: Glasgow Area, hybrid with visits to secured site 2-3 days a week
Must have current/active SC or DV clearance
British National needed due to security requirements
About the opportunity
We’re working with our cyber security client, which provides expertise and solutions to military and government clients across the UK.
Working with senior stakeholders and Cyber Security departments, you'll be instrumental in establishing and maintaining robust governance frameworks and processes. Your expertise and experience will shape strategies during the design phase, to effectively manage cyber security risks and ensure compliance with regulatory requirements and industry standards. You'll collaborate closely with cross-functional teams, proposing future organisational structures that optimize cyber security governance and streamline operations.
Role in a nutshell?
You will work collaboratively with the Gov Security Teams to embed Secure by Design principles into all aspects of the Client’s technical architecture - you will be conducting security assessments, contributing to the framework and advising on mitigating risks effectively.
Key Responsibilities:
- Governance Framework Development: Design, implement, and enhance governance frameworks tailored to our clients' needs, incorporating industry best practices and regulatory guidelines.
- Policy and Procedure Management: Develop and maintain clear, consistent policies, procedures, and guidelines for cyber security governance.
- Regulatory Compliance: Stay updated on relevant regulations and standards, ensuring compliance with GDPR, ISO 27001, NIST, and other requirements.
- Internal Controls Oversight: Establish and monitor internal controls to safeguard data and assets, conducting regular reviews and audits.
- Stakeholder Engagement: Serve as a liaison, offering guidance and support to internal teams, external partners, and regulatory authorities.
- Incident Response Planning Support: Collaborate with the incident response team to develop and maintain response plans and procedures.
- Propose Future Organisational Structure: Evaluate and enhance the current organizational structure to strengthen cyber security governance.
- Continuous Improvement: Identify opportunities for process enhancements, driving initiatives to bolster our governance framework and security posture.
Background needed:
- Proven experience in cyber security governance, risk management, or compliance roles.
- Deep understanding of regulatory requirements, industry standards, and best practices.
- Strong public sector, government or defence experience.
- Excellent analytical, communication, and interpersonal skills.
- Strong attention to detail and commitment to professionalism.
- Advanced Information Security, Cyber Security or Risk Management certifications preferred (CISSP, CISM, CRISC).