Cybersecurity Risk Manager

2 months ago

Glasgow, Glasgow City, United Kingdom City Facilities Management Holdings Ltd Full time

Cybersecurity Risk Manager

Salary: Competitive

Location: Glasgow Head Office

Shift Pattern: Days

Hours per day: Full-time

This is a permanent position.

POSITION OVERVIEW:

In this pivotal role, you will be part of the second line of defense, guiding and supporting the organization in effectively managing cyber risks and safeguarding information assets. Your primary responsibility will be to shield the organization from security threats by identifying vulnerabilities and formulating suitable risk mitigation strategies. You will provide senior management with independent assurance regarding their cyber risk and information protection stance.

Collaboration with the first line cyber team will be essential to ensure that business assurance plans are communicated and that the requirements of the second line are well understood.

You will also spearhead a defined series of cyber assurance evaluations, projects, and initiatives, while striving to meet cyber assurance and compliance objectives. Additionally, you will play a key role in shaping the cybersecurity strategy concerning data protection, monitoring and reporting, risk assessment, incident response, business continuity, and disaster recovery.

PRINCIPAL TASKS AND RESPONSIBILITIES

Monitor & Review

  • Contribute to and uphold the existing information security risk management framework, articulating risks in business terms, identifying suitable mitigation strategies, and driving their implementation to ensure the security of our information and services.
  • Engage with key stakeholders to prioritize technology, process, and personnel-based security initiatives aimed at mitigating identified risks, employing continuous improvement principles to evolve our information security delivery framework.
  • Participate in the annual information security business plan, including audits, assessments, and updates to the information security delivery framework, such as policy revisions.
  • Identify pertinent information security activities in response to evolving standards and regulations.
  • Collaborate with key stakeholders to prioritize information security and compliance initiatives.
  • Conduct security risk assessments and adversarial testing to establish proportional risk, advising on relevant enhancements to the information security delivery framework.
  • Ensure that data security measures are implemented in accordance with our policies.

Respond & Remediate

  • Address information security incidents in line with established standards and processes, consistently meeting or exceeding agreed KPIs.
  • Follow a regular schedule of security and data protection compliance audits and assessments, taking necessary actions to mitigate any identified risks.
  • Assist in the development of the organization's disaster recovery and business continuity plans.
  • Collaborate with internal departments and external partners to identify and mitigate information security-related risks.
  • Initiate and promote activities to enhance information security and data protection awareness throughout the organization and its partners.
  • Serve as the primary contact for supervisory authorities and individuals whose data is processed.
  • Engage in activities related to information security and compliance, including awareness-raising, training needs analysis, data migrations, security hardening, and breach management.
  • Provide support in business development proposals and responses.
  • Undertake other duties as deemed appropriate for the role and skillset.

Team Management

  • Contribute to and execute the development hiring plan for the team, including sourcing, screening, and interviewing candidates.
  • Conduct regular one-on-one meetings with all direct reports.
  • Establish team goals and technical direction, ensuring alignment with the objectives of the Technology and Information Security roadmaps.
  • Set personal goals for each team member, ensuring alignment with team objectives.
  • Implement effective engineering processes and policies that emphasize quality and progress.
  • Act as a deputy for the Head of Information Security when necessary.

KNOWLEDGE, SKILLS & ABILITIES

Essential

  • Degree-level qualification or equivalent experience in Cyber risk management and information protection.
  • Knowledge of cybersecurity essentials.
  • Familiarity with ISO 27001 and NIST CSF.
  • Strong technical background in Data Classification and Data Loss Prevention.
  • Experience in information security governance, policy, and procedure development.
  • Proficiency in Active Directory, Azure AD, Windows File Services, SharePoint, and Office 365.
  • Experience with Microsoft Purview implementation and configuration oversight.
  • Broad technical knowledge across databases, web application development, and infrastructure.
  • Strong analytical and decision-making skills based on risk assessment.
  • Business acumen and the ability to communicate effectively across all organizational levels.
  • A pragmatic and flexible approach to problem-solving.
  • Excellent interpersonal skills and creativity.

Desirable

  • Certifications such as CISSP, CRISC, or CISM.
  • Knowledge of EU GDPR and PCI-DSS.
  • Experience with Cloud, Hybrid, and Global Enterprise networks.
  • Familiarity with audit and risk assessment processes.
  • Experience in conducting audits and developing controls and risk assessments.
  • Ability to manage third-party relationships.
  • Proven ability to analyze complex business processes and technologies to provide sound recommendations to non-technical stakeholders.

The Company

City Refrigeration Holdings was founded in 1985 by Willie and Susan Haughey, with the aim of transforming the facilities management industry. The company was built on the principles of collaboration and transparency, fostering long-term, mutually beneficial partnerships with clients. Each partnership is tailored to meet the unique needs of the business, implemented through a bespoke, self-delivered model.

Over the years, City Group has evolved from its modest beginnings into one of the most reputable facilities management companies globally, employing over 12,000 individuals and establishing divisions across Europe, Australia, North America, and Asia. The company has diversified its service offerings to include maintenance and engineering, technical procurement and support, cleaning, and ancillary services across various sectors.

Now, more than three decades later, City remains committed to the core values established by Lord and Lady Haughey, dedicated to delivering unparalleled professionalism, quality, customer service, and value to partners worldwide.

Our Benefits

Documents

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom CV Library Full time

    About the RoleWe are seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom CV Library Full time

    About the RoleWe are seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    About the Role:We are seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of Defence team. As an Information Security Manager, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats. Your expertise will guide the identification of risks and the development of...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    About the Role:We are seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of Defence team. As an Information Security Manager, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats. Your expertise will guide the identification of risks and the development of...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    About the RoleWe are seeking an experienced Cybersecurity Risk Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Maintain and evolve our information security risk...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    About the RoleWe are seeking an experienced Cybersecurity Risk Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Maintain and evolve our information security risk...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Resourcing Full time

    About the RoleWe are seeking an experienced Cybersecurity Risk Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Resourcing Full time

    About the RoleWe are seeking an experienced Cybersecurity Risk Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a seasoned expert in cyber risk management and information protection, you will lead efforts to safeguard our business operations from evolving security threats.Key Responsibilities:Develop and lead a high-performing team, setting...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a seasoned expert in cyber risk management and information protection, you will lead efforts to safeguard our business operations from evolving security threats.Key Responsibilities:Develop and lead a high-performing team, setting...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Clad-It Ltd Full time

    About the Role:We are seeking an experienced Information Security Manager to join our 2nd Line of Defence team at Clad-It Ltd. In this critical role, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats. Your expertise will guide the identification of risks and the development of effective mitigation plans....

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Clad-It Ltd Full time

    About the Role:We are seeking an experienced Information Security Manager to join our 2nd Line of Defence team at Clad-It Ltd. In this critical role, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats. Your expertise will guide the identification of risks and the development of effective mitigation plans....

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom CV Library Full time

    About the RoleWe are seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom CV Library Full time

    About the RoleWe are seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a key member of our cybersecurity team, you will be responsible for managing cyber risks and ensuring the business is protected from security threats.Key ResponsibilitiesMonitor and Review: Develop and maintain our information security risk...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Job Title: Information Security ManagerBe-IT is seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of Defence team. As an Information Security Manager, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats.Key Responsibilities:Maintain and evolve our information...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of defence team as an Information Security Manager. In this pivotal role, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats.Key Responsibilities:Maintain and evolve our...

  • Cybersecurity Risk Manager

    1 month ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of defence team as an Information Security Manager. In this pivotal role, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats.Key Responsibilities:Maintain and evolve our...

  • Cybersecurity Risk Manager

    4 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Job Title: Information Security ManagerBe-IT is seeking a seasoned expert in cyber risk management and information protection to join our 2nd Line of Defence team. As an Information Security Manager, you will lead efforts to manage cyber risks, ensuring the business is protected from security threats.Key Responsibilities:Maintain and evolve our information...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a seasoned expert in cyber risk management and information protection, you will lead efforts to safeguard our business operations from evolving security threats.Key Responsibilities:Develop and lead a high-performing team, setting...

  • Cybersecurity Risk Manager

    3 weeks ago

    Glasgow, Glasgow City, United Kingdom Be-IT Full time

    Information Security ManagerBe-IT is seeking an experienced Information Security Manager to join our 2nd Line of Defence team. As a seasoned expert in cyber risk management and information protection, you will lead efforts to safeguard our business operations from evolving security threats.Key Responsibilities:Develop and lead a high-performing team, setting...