Cyber Security Manager

  • Sopra Steria
  • Hemel Hempstead, Hertfordshire
  • 22/09/2022
Full time Information Technology Telecommunications

Job Description

Are you an experienced Cyber security professional looking for a new opportunity?

The Corporate Security team is growing as Sopra Steria grows, and this new role has been created in recognition of the pivotal role effective InfoSec risk management has in prioritising Cyber Security activities and the associated threat mitigations.

Working with the UK CISO, this is an exciting opportunity for an enthusiastic and motivated individual who is eager to improve Cyber security in a large matrix organisation. You will use infosec risk management best practices to improve the visibility of infosec risk, identify risk owners and help them accurately assess their appetite for risk, resulting in pragmatic, proportionate and practical security decisions being made.

We can offer great career progression opportunities, ability to be based anywhere across the UK, benefits which you can flex to meet your needs and training and development opportunities.

You will be technically astute and must also be willing to generalise outside of your key responsibilities to help the small but growing team in a variety of crucial security subject areas, including incident management, personnel vetting, insider threat and policy and governance.

What you'll be doing:
  • Implement and maintain a consistently applied information security risk management framework (RMF) that helps communicate the risk position to senior stakeholders, working closely with our business Sectors to ensure its full deployment
  • Collaborate with each business Sector to make sure that the RMF is effectively deployed to give visibility to risks and associated appetite, mitigations and mitigation efficiency
  • Educate the business on effective information risk management and the internal and regulatory obligations they have
  • Provide to the Sectors, the UK CISO and other stakeholders regular reporting on the risk position
  • Integrate the activity with our overall Enterprise Risk framework, ensuring infosec risk is optimally communicated into the audit and risk committee

Secondary Responsibilities:
  • Assess performance against UK and Group policy and the Sopra Steria Delivery Rule Book
  • Collaborate with our enterprise audit team to provide evidence of mandated activities in our ISO27001 ISMS
  • Assist the UK CISO to drive security standards and approaches throughout the business Sectors and Joint Ventures, as well as areas where the UK holds business responsibility
  • Review the company's position against current and emerging guidance from the UK's National Cyber Security Centre in relation to Cyber / Information Risk
  • Assist in the management of major security incidents
  • Deputise for the UK CISO as and when needed
  • Work closely with Sopra Steria colleagues in France, Norway, Singapore, India and other key locations, establishing relationships with contacts in each company entity
  • Work with UK Communications and others to ensure the deployment of effective and measurable security culture / behavioural change of Cyber security for all UK employees
  • Review, develop and maintain UK Security policy, guidelines and processes to ensure they accurately reflect and support efficient processes

What you'll bring:
  • Prior role in Information Security Risk management OR Supply Chain Security with a willingness to adapt to a multi-disciplined role
  • Previous roles held in operational IT
  • Experience with an externally recognised information security risk management framework, such as COBIT, ISO27005, or the NIST RMF
  • Experience in leading or working within an ISO27001 ISMS framework
  • Attained one or more information security qualifications and/or certifications (e.g., ISO27001 Lead Auditor)
  • Experience working with Governmental departments, Regulatory authorities or within a regulated industry
  • Strong collaborator and communicator at all levels

It would be great if you had:
  • Fluency in French
  • The CISSP certification
  • Prior work in a Security Operations Centre and/or Cyber Defensive role
  • Led, or been closely involved in, the response and mitigation efforts of at least one major cyber security incident

If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply. We'd love to hear from you!

Employment Type: Full-time

Location: Hemel Hempstead (once a week negotiable, and London once a month)

Security Clearance Level: SC

Internal Recruiter: Marion

Salary: Up to £50,000

Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund

Although this role is advertised as full-time, we support many ways of working and can offer a range of flexible working arrangements. So, if you're interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible.

Loved reading about this job and want to know more about us?

We are a purpose-driven digital transformation provider, creating innovative digital solutions to help clients drive their digital transformation projects and secure tangible and sustainable benefits. We harness the power of innovation to drive positive change in both business and society, delivering sustainable growth and services which make life better, from effective frontline citizen services, to digitising financial services, utilities, and delivering smarter roads.

We place people at the heart of everything we do and are committed to working with our customers, partners and suppliers to shape a better world and add real and lasting social value to the communities in which we work.

Together we are building a better future by delivering real and lasting value.

We are just at the start of what we can achieve together. Come and join us!

We embrace difference as a source of creativity, innovation and competitive advantage and are striving to become a more diverse organisation. We welcome applications from people with a diverse variety of backgrounds and identities. We are committed to equality of opportunity for all and do not discriminate on the basis of race, religion, colour, gender, age, disability, sexual orientation or marital status. We have partnered with Vercida, the UK's largest diversity and inclusion focused careers site, where all our vacancies are available in an accessible format.
If you require any adjustments to the recruitment process, to enable you to perform to the best of your ability, please let us know when completing your application. We participate in the Disability Confident scheme and are committed to offering an interview to any candidate with a disability, who meets the minimum criteria for the role. If you believe this could apply to you, please let us know when completing your application.