Accessibility Links
  • Job reference: RMS0207392

IS Security and Risk Manager

  • Sector: Commercial
  • Location: Aberdeen
  • Job type: Contract
  • Date posted: 04/03/2019
  • Duration: ongoing
  • Time left:
    d h m s
    (15/04/19)
Send jobs like this to my email    What's this?

The Role:
We are looking for a dynamic, solutions focussed and collaborative IS Security and & Risk Consultant to join us at an exciting time for as we continue to establish ourselves as one of Europe's top independent E&P companies. Initially, this role will lead the design and implementation of standing up the standalone IS security and IS risks function for client, including the delivery of IS security and IS risks separation from Centrica, which will include the responsibility for the service transition into BAU and all associated readiness activities and sign-off of the client IS security and risks function by Centrica IS security. By providing robust and effective IS security and risk technology leadership, designing and implementing a best in class strategy that secures client's operating business globally across the threat spectrum and developing and managing a best in class IS security and risk function, this role will be a trusted source of expertise to the business and drive continuous improvement of the overall IS security and IS risks posture across client.



There is a preference for this role to be primarily based in our Aberdeen office, however we will consider excellent candidates who could be based at our Staines upon Thames office. There may be requirements from time to time to travel to other UK locations, as well as locations in Norway and the Netherlands.



What will you be doing in your new role?

*Providing IS security and IS risk technology leadership and be accountable for the development, implementation, communication, maintenance and governance of the IS Security and IS Risks strategy, technical architecture and roadmaps for client, in collaboration with the Director, Information Systems (IS)
*Develop, manage and maintain an effective IS Security and IS risks Governance Framework
*Become the trusted source of strategic IS Security and IS risks expertise for client and pro-actively provide IS security and IS risks leadership and guidance to business divisions, projects and 3rd parties
*Monitoring for and responding to IS security incidents
*Initial investigation and documentation of IS security incidents
*Assessing IS security requests from wider Spirit IS infrastructure teams as part of IS BAU infrastructure and operations and IS change plan projects
*Responding to requests for advice and assistance with IS security activities such as external hosted or cloud services site reviews
*Produce IS security and IS risks metrics and reporting, including quarterly reporting to client ExCom and ad-hoc reporting to the client Board and Audit Committee
*Monitoring for IS security events and establishing IS security intelligence and baselines
*Development and maintenance of IS security and IS risks standards and procedures
*Perform IS security testing/auditing on IT systems
*Manage the vulnerability scanning program and perform continuous vulnerability scanning/monitoring and generate reports
*Audit system configurations and provide guidance and assistance on hardening standards
*Maintaining the client IS framework; based on industry regulations/best practices such as GDPR, NIS, NIST cyber security framework and ISO/IEC 27000 series
*Maintain awareness of relevant legal, statutory, regulatory and contractual obligations, as relate to IS security, across client, including participation in external IS security industry groups and peer networks
*Providing guidance, communications and assistance on IS security and IS risks to all personnel across the organisation, raising awareness of the published IS security policies, standards and guidelines; identify user training requirements where appropriate and liaise with external IS security service support organisations as required
*Contributing to the development of and ensure compliance with defined standards, policies and processes
*Adhering to the IS Change Management process, ensuring that changes affecting our business are communicated effectively; liaising with IS colleagues to successfully plan and execute changes

To deliver real value in this role, candidates should be able to demonstrate the following:

*Previous demonstrable experience of performing a similar IS security leadership role, preferably with an oil and gas operator, oil and gas services company, consultancy or software house, or in a similar 24x7 asset intensive business, including multi-country operations, both onshore and offshore
*Extensive progressive work experience in multiple ITexperience in terms of scheduling, prioritising and delivering projects within time and budget disciplines, including technical architecture, network management, application development, middleware, database management or operations
*Broad technical knowledge of IS Security technology including: firewalls, intrusion detection systems, anti-virus software, data encryption, vulnerability management, and other industry-standard techniques and practices
*Strong technical knowledge of networks, PC, and platform operating systems
*Strong technical knowledge of TCP/IP and network administration and protocols
*Working knowledge of incident handling best practices such as NIST 800-6 and privacy legislation, GDPR, IT governance, ITIL, SOX 404, COBIT, and ISO27000
*Knowledge of the Network and Information Systems Regulations 2018


Certifications

*Certified Information Security Systems Professional (CISSP) desirable
*CompTIA Security+ desirable





Similar jobs
Andrew Pritchard
Competency Project Lead Location Aberdeen Duration december 2019 The Role: Play a lead role in the development and...
Hannah Dawes
Junior IT Technician Location Workington, Cumbria Duration permanent The Role: The role is a customer facing role and the main...
Graduate Systems Engineer Location Aberdeen Duration permanent The Role: Position/Job Title: Graduate Systems Engineer ...

Back to Top

By clicking "Save" you consent to
receiving matching jobs based on the
job/page you are viewing by email from
Fircroft, as detailed in our privacy policy
Fircroft would like to keep you up to date with our current vacancies and latest company updates via email. Occasionally Fircrofts marketing may contain 3rd party or affiliate information, however we will not share your personal data with any 3rd parties without your consent. From time to time, we might contact you to get your views on the service you have received. To help you get the best out of Fircroft, we may personalise them based on your location and how you use fircroft.com
Fircroft would like to keep you up to date with the latest company updates and vacancies via SMS / Text messages
Your consent options above means that Fircroft cannot contact you about any new or alternative career vacancies. If you want Fircroft to only contact you about the role(s) you have applied for please continue, however if you would like to be considered for other positions please allow us to contact you by changing one or more of the above consent.