Information Security GRC Manager

Overview

• Oversee Altrata's Information Security risk program and supporting processes
• Manage our project to implement ISO27001
• Facilitate Information Security risk assessments and actively identify risks to our organisation
• Maintain our SOC2 accreditation
• Maintain and improve security documentation (policies, standards, FAQs etc.)
• Take a leading role with our Business Continuity and Disaster Recovery programs
• Prepare reports on the status of the information security program to senior management
• Provide security awareness training to all business areas
• Support third party risk management activities
• Support with client assurance/due diligence requests

Ideal Candidate

• 5+ years in industry coming from a GRC background
• Exceptional communication skills, managing and influencing stakeholders at all levels, including Executive Leadership
• Experience running ISO27001 / SOC2 projects, demonstrating that you have experience in implementing security controls and maintaining security compliance in accordance with industry standards.
• Experience managing Disaster Recovery/Business Continuity Plans/Tests and ensuring they are kept up to date and relevant for our clients and auditors
• Strong understanding of information security risk management methodologies and processes
• Experience in identifying, assessing, and managing security risks within an organisation.
• Good understanding of security controls and how to use them to mitigate risks. This includes high-level knowledge of technical security controls as well as administrative controls such as policies and procedures.

Key Information

• Salary up to £70k with a competitive package
• Remote working - option available to work on site in London
• No sponsorship
• Must pass background and reference checks
• ISO27001 Lead Implementer or other relevant certifications would be desirable (CISA etc.)