Offered Salary 1000
Experience 4 Years
Full Job Description
£65,000.00 – £75,000.00
IT & Technology
5 days per week
Age UK has a newly created opportunity for an Information Risk Security Manager in our Digital & Technology team.
This specialist role is required to support age UK’s programme of work to ‘Protect what matters’, to advise, assist, and assure leadership and key 3rd party infrastructure suppliers, with design and implementation of processes, measurement, and management of information risks to see appropriate mitigation and decision-making that helps set and aligns with the Charity’s risk appetite.
You will contribute to continuous improvement of Age UK’s InfoSec posture and see increased resilience against current cyber threats.
As Information Risk and Security Manager, you will be responsible for helping to manage and develop the Information Security Risk function within Information Protection to develop effective risk management that supports business operations and growth in line with Age UK’s strategy and ambition.
The successful person will be expected to develop the security risk framework to see an embedded and dynamic process of information risk management that supports and informs Charity business decision-making and spend. This will also require production of effective risk reporting to key charity governance groups, business divisions and subsidiaries.
You will require a high degree of initiative, strong communication skills, the ability to work effectively without close supervision and drive change in an environment where some supporting policies and processes are not yet mature.
This role can be offered either on a Hybrid / London contract or as a Homebased contract. We are seeking the right candidate for this role based on their skills and capabilities.
You will have:
CRISC or equivalent qualification is essential
CISM or equivalent qualification is essential
Sound management skills, and demonstrable experience of delivering the objectives
A background delivering security risk management transformation initiatives in mid to large enterprises across technology and business landscapes.
Experience of effective working with/managing 3rd party service providers
Strong emotional capital, the ability to communicate clearly both verbally, in writing and to build strong relationships.
Strong understanding/ familiarisation of and with ISO 27001 & ‘Cyber Essentials’ and the role these play in keeping organizations and their information secure, together with the linkage to wider organizational policy, business and risk
Demonstrable track record delivering change within cyber security transformation initiatives e.g., Cyber Essentials and other areas/substantive cyber security programs
Knowledge of IRAM, CRAMM, OCTAVE or similar risk models
Working knowledge of GDPR & privacy compliance requirements
Knowledge of information security standards and related legislation
Expertise in data protection regulations and good knowledge of ISO 27001/27005 and implementation of information security management system (ISMS)
Autonomous, and the ability to work without supervision
Judgement in difficult scenarios with the ability to think laterally and creatively to resolve problems
Enthusiasm, tenacity and a passion for information security
What we offer in return:
Competitive salary, 26 days annual leave + bank holidays + annual leave purchase scheme.
Excellent pension scheme, life assurance, health cashback plan and EAP.
Car Benefit Scheme, Cycle to Work Scheme and Season Ticket Loan.
Techscheme – buy any tech from Apple or Currys, up to £1000, and spread the cost over 12 months, interest free
Heka Fitness & Wellbeing Benefit.
You Did It Awards – recognition awards from £100-250.
For a full list of benefits please click here https://www.ageuk.org.uk/about-us/jobs/employee-benefits/
Age UK is an Equal Opportunities employer and positively encourages applications from suitably qualified and eligible candidates, regardless of age, sex, race, disability, sexual orientation, gender reassignment, religion or belief, marital/civil partnership status, or pregnancy and maternity. We guarantee an interview to disabled candidates who meet the minimum criteria. We welcome requests for flexible working.
Age UK is committed to safeguarding adults at risk, and children, from abuse and neglect. We expect everyone who works with us to share this commitment.
Early application is encouraged as we will review applications throughout the advertising period and reserve the right to close the advert at any time.
Age UK politely requests no contact from recruitment agencies or media sales. We do not accept speculative CVs from recruitment agencies nor accept the fees associated with them.