Senior Compliance Manager

Job Type: Permanent
Contract Duration: Unspecified
Industry: IT
Category: Management
Location: England, London, Docklands
Salary: £46,250 to £69,700 per annum
Posted: 23-Sep-19
Job Ref: 34157

Key Responsibilities:

Accompany the auditors during inspections and record findings

Conduct random audit inspections of operators, or inspections on new audit requests

Demystify subjectivity between the auditors

Manage the auditor pool by assigning, scheduling and prioritising audits, providing clear plans/instructions to ensure timely inspections.

Maintain a record of all audit inspections, managing the inspection reports, providing analysis and outcomes.

Provide scrutiny of audit reports; assessment reports, improvement plans and incident reports.

Support the drafting or review of the framework, policies, procedures, risk assessments where necessary

Engage with government bodies and attend forums and events to understand the threat landscape for the sector.

Escalate non-compliance and offer advice to support a balanced penalty process.

Collate and formulate a sector-wide risk view.

Record outputs and decisions from audits and meetings, including any incidents, which may form part of an enforcement process.

Provide compliance on programmes, including but not limited to: monitoring supplier compliance; monitoring the governance board; monitoring and contributing to any proposals for modifications/changes; developing briefings for the governance board; and sharing intelligence with stakeholders.

Essential Skills:

* 3 years’ minimum experience in security auditing/inspection.
* Educated to Degree level or equivalent in a cyber, engineering or technology-based discipline or equivalent.
* Hold one or more professional qualifications in ISO27001:2013 Lead Auditor, CISA or equivalent.
* Must demonstrate that you have recent and relevant skills and experience in all of the following areas:

* Conducting audit inspections of environment for critical national systems, IT, IS, OT or national headline services;
* Performing security risk assessments;
* Writing and reviewing audit reports and Risk Treatment Plans (RTP);
* Conducting security risk and audit analysis of associated critical systems, OT, Control Systems or headline services; and
* Implementing processes for dealing with and managing security incidents

* Knowledge of ISO27001:2013 or IEC62443 series in critical infrastructure and challenges faced with introducing security controls
* An effective and engaging communicator, with experience working effectively with key external stakeholders
* Either holds, or has the ability to achieve, SC clearance

Desirable:

* Certified to ISO27001 Implementer, GICSP, CRISC or equivalent
* Experience of auditing in an ICS/OT environment
* Knowledge of IEC62351 and/or NIST framework
* Knowledge of and/or exposure to SEC and SMETS1/SMETS2
* Coordinating incident response internally and externally

Contact Details:
Tel: 0239 3382100
Contact: Chris Bladen
