Cyber Security Manager

Venesky-Brown’s client, a public sector organisation in Edinburgh, is currently looking to recruit an Information & Cyber Security Manager for an initial 6 month contract with option to extend on a rate of £600/day (Inside of IR35). This is a hybrid role with occasional working from the office, a minimum of 2 days per week.

• Provide Information/Cyber Security guidance, expertise and representation at project/change meetings
• Work closely with the Department Head to:
  • Support development of plan, and establishment of, dedicated IT Service & Security governance/review meetings with the client’s IT Supplier base (Security Focus)
  • Research and document the respective splits of security responsibilities (in relation to IT Security, Information Security and Cyber Security)
  • Perform gap analysis of Information/Cyber Security industry best practice versus activity currently performed by the client (or as delegated and overseen through effective supplier oversight/governance)
  • Support ongoing creation and regular upkeep of Information/Cyber Security Risk and Control Register
  • Support review/revision of the client’s Cyber Incident Response Plan
  • Support creation of Target Information Security/Cyber Security Operating Model and Resource Profile/Structure
  • Support delivery of actions required to support closure of open Information/Cyber Security related risk and audit actions
  • Ensure that Business Transformation has a robust Business Continuity plan, fully aligned with the Estates Team’s expected pro-forma/standards
• Relevant Information/Cyber Security qualification(s) e.g. CISM, CISSP, ISSMP etc.
• Involvement with the establishment and/or ongoing oversight of Information/Cyber Security Supplier Management
• Familiarity with best practise Information/Cyber Security Incident Response Plans and Playbooks
• Involvement in the establishment/maturity of Information/Cyber Security processes of medium sized (or large) enterprises
• Involvement in setting and/or refining Information/Cyber Security Strategy and Operating Models
• Aware of IT Risk and Control management fundamentals
• Experience of production of quality, accurate Security related MI reporting
• Experienced in providing Security related input/representation/task ownership and delivery for Projects and Programmes
• Active involvement with Information/Cyber Security enterprise wide maturity assessments
• Awareness of Business Continuity planning
• A confident and clear communicator with high quality verbal and written communication skills
• Calm and courteous demeanour when faced with difficult/challenging circumstances
• Able to plan and deliver assigned responsibilities to quality and time without close ongoing support/supervision
• Able to thrive in situations where information is only partially available and requires to be gathered by discussion with other stakeholders
• Inquisitive, self‑motivated, resilient and results‑driven
• Advanced knowledge and experience of Supplier Management and Governance from an Information/Cyber Security perspective
• Significant, broad experience of Information Security/Cyber Security Management within a highly regulated complex corporate environment e.g. UK Financial Services
• Able to take a high‑level briefing from Department Head level and then successfully develop plan/deliver to agreed dates with little day‑to‑day coaching, guidance and supervision
• Practical exposure and active use of Information Security/Cyber Security risk assessment methodologies
• Prior experience in establishing/shaping/refining an organisation’s Information/Cyber Security Operating Model
• Able to collaborate effectively with senior level non‑technical stakeholders and communicate persuasively
• Advanced planning, prioritisation and stakeholder management skills
• Experience leading Information/Cyber Security enterprise wide maturity assessments
• Advanced written and verbal communication skills

If you would like to hear more about this opportunity please get in touch.