Cybersecurity Risk Manager

2 months ago

Glasgow, Glasgow City, United Kingdom City Facilities Management Holdings Ltd Full time

Cybersecurity Risk Manager

Salary: Competitive

Location: Glasgow Head Office

Shift Pattern: Days

Hours per day: Full-time

This is a permanent position.

POSITION OVERVIEW:

This role is situated within the second line of defense, where you will oversee and assist the organization in effectively managing cyber threats and safeguarding information. Your primary responsibility will be to shield the organization from security vulnerabilities by identifying potential risks and formulating suitable risk mitigation strategies. You will provide senior management with independent verification of their cyber risk and information protection status.

Collaboration with the first line cyber team will be essential to ensure that business assurance plans are communicated and that the requirements of the second line are comprehended.

Additionally, you will spearhead a defined series of cyber assurance evaluations, projects, and initiatives while striving to meet the objectives related to cyber assurance and compliance. You will also contribute to shaping the organization's cybersecurity strategy, focusing on data protection, monitoring and reporting, risk and threat evaluation, incident management, business continuity, and disaster recovery.

KEY RESPONSIBILITIES

Monitoring & Review

  • Contribute to and uphold the existing information security risk management framework, articulating risks in business terms, identifying appropriate mitigation strategies, and driving their implementation to ensure the security of our information and services.
  • Collaborate with key stakeholders to prioritize technology, process, and personnel-based security initiatives to address identified risks, employing continuous improvement principles to enhance our information security delivery framework.
  • Participate in the annual information security business plan, including audits, assessments, risk evaluation activities, and updates to the information security delivery framework, such as policy revisions.
  • Identify pertinent information security activities in response to evolving standards and regulations.
  • Engage with key stakeholders to prioritize information security and compliance initiatives.
  • Conduct security risk assessments and adversarial testing to determine proportional risks, advising on relevant enhancements to the information security delivery framework.
  • Ensure data security measures are in place to comply with our policies.

Response & Remediation

  • Address information security incidents in accordance with established standards and processes, meeting or exceeding agreed performance indicators.
  • Conduct regular security and data protection compliance audits and assessments, taking necessary actions to mitigate any identified risks.
  • Assist in the development of the organization's disaster recovery and business continuity plans.
  • Collaborate with internal departments and external partners to identify and mitigate information security-related risks.
  • Initiate and promote activities to enhance information security and data protection awareness throughout the organization and its partners.
  • Serve as the primary contact for supervisory authorities and individuals whose data is processed.
  • Engage in activities related to information security and compliance, including awareness initiatives, training needs assessments, data migrations, security enhancements, and data protection inquiries.
  • Provide support in business development proposals and responses.
  • Undertake other responsibilities as deemed appropriate for the role and skill set.

Team Management

  • Contribute to and execute the development hiring plan for the team, including sourcing, screening, and interviewing candidates.
  • Conduct regular one-on-one meetings with all direct reports.
  • Establish team objectives and technical direction, ensuring alignment with the goals of the Technology and Information Security roadmaps.
  • Set individual goals for each team member, ensuring alignment with team objectives.
  • Implement effective engineering processes and policies that emphasize quality and progress.
  • Act as a deputy for the Head of Information Security when required.

KNOWLEDGE, SKILLS & ABILITIES

Essential:

  • Degree-level qualification or equivalent experience in cyber risk management and information protection.
  • Understanding of cybersecurity fundamentals.
  • Familiarity with ISO 27001 standards.
  • Knowledge of NIST Cybersecurity Framework.
  • Strong technical background in data classification and data loss prevention.
  • Experience in information security governance, policy, and procedure development.
  • Proficiency in Active Directory, Azure AD, Windows File Services, SharePoint, and Office 365.
  • Experience with Microsoft Purview implementation and configuration oversight.
  • Broad technical expertise (database, web application development, infrastructure, etc.).
  • Strong analytical and decision-making skills focused on risk.
  • Business acumen.
  • Ability to communicate effectively across all levels of the organization.
  • Pragmatic and adaptable approach.
  • Problem-solving capabilities.
  • Excellent interpersonal skills.
  • Creativity.

Desirable:

  • Certifications such as CISSP, CRISC, or CISM.
  • Knowledge of EU GDPR.
  • Familiarity with PCI-DSS.
  • Understanding of cloud, hybrid, and global enterprise networks.
  • Experience with audit and risk assessment processes.
  • Skills in conducting audits, developing controls, and performing risk assessments.
  • Experience in managing third-party relationships.
  • Demonstrated ability to analyze complex business processes and technologies to provide sound recommendations to non-technical stakeholders.

About City Facilities Management Holdings Ltd

City Facilities Management Holdings Ltd is committed to delivering exceptional service and value to its partners globally. The company prides itself on its collaborative approach and dedication to fostering long-term, mutually beneficial relationships.

Our Benefits

City Facilities Management Holdings Ltd offers a comprehensive benefits package to support the well-being and professional growth of its employees.

Documents

For more information, please refer to the company’s official documentation.

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom CV Library Full time

    About the RoleWe are seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom CV Library Full time

    About the RoleWe are seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    About the Role:We are seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of Defence team. As an Information Security Manager, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats. Your expertise will guide the identification of risks and the development of...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    About the Role:We are seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of Defence team. As an Information Security Manager, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats. Your expertise will guide the identification of risks and the development of...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    About the RoleWe are seeking an experienced Cybersecurity Risk Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Maintain and evolve our information security risk...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    About the RoleWe are seeking an experienced Cybersecurity Risk Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Maintain and evolve our information security risk...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Resourcing Full time

    About the RoleWe are seeking an experienced Cybersecurity Risk Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Resourcing Full time

    About the RoleWe are seeking an experienced Cybersecurity Risk Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a seasoned expert in cyber risk management and information protection, you will lead efforts to safeguard our business operations from evolving security threats.Key Responsibilities:Develop and lead a high-performing team, setting...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a seasoned expert in cyber risk management and information protection, you will lead efforts to safeguard our business operations from evolving security threats.Key Responsibilities:Develop and lead a high-performing team, setting...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Clad-It Ltd Full time

    About the Role:We are seeking an experienced Information Security Manager to join our 2nd Line of Defence team at Clad-It Ltd. In this critical role, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats. Your expertise will guide the identification of risks and the development of effective mitigation plans....

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Clad-It Ltd Full time

    About the Role:We are seeking an experienced Information Security Manager to join our 2nd Line of Defence team at Clad-It Ltd. In this critical role, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats. Your expertise will guide the identification of risks and the development of effective mitigation plans....

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom CV Library Full time

    About the RoleWe are seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom CV Library Full time

    About the RoleWe are seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Job Title: Information Security ManagerBe-IT is seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of Defence team. As an Information Security Manager, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats.Key Responsibilities:Maintain and evolve our information...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of defence team as an Information Security Manager. In this pivotal role, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats.Key Responsibilities:Maintain and evolve our...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Job Title: Information Security ManagerBe-IT is seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of Defence team. As an Information Security Manager, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats.Key Responsibilities:Maintain and evolve our information...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of defence team as an Information Security Manager. In this pivotal role, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats.Key Responsibilities:Maintain and evolve our...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a seasoned expert in cyber risk management and information protection, you will lead efforts to safeguard our business operations from evolving security threats.Key Responsibilities:Develop and lead a high-performing team, setting...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a seasoned expert in cyber risk management and information protection, you will lead efforts to safeguard our business operations from evolving security threats.Key Responsibilities:Develop and lead a high-performing team, setting...