• Ссылка на вакансию: RMS0207392

IS Security and Risk Manager

  • Сектор: Commercial
  • Местоположение: Aberdeen
  • Тип вакансии: Contract
  • Дата публикации: 04.03.2019
  • Продолжительность: ongoing
Срок действия этой вакансии истек.
Направлять информацию о похожих вакансиях на мой email    Что это?

The Role:
We are looking for a dynamic, solutions focussed and collaborative IS Security and & Risk Consultant to join us at an exciting time for as we continue to establish ourselves as one of Europe's top independent E&P companies. Initially, this role will lead the design and implementation of standing up the standalone IS security and IS risks function for client, including the delivery of IS security and IS risks separation from Centrica, which will include the responsibility for the service transition into BAU and all associated readiness activities and sign-off of the client IS security and risks function by Centrica IS security. By providing robust and effective IS security and risk technology leadership, designing and implementing a best in class strategy that secures client's operating business globally across the threat spectrum and developing and managing a best in class IS security and risk function, this role will be a trusted source of expertise to the business and drive continuous improvement of the overall IS security and IS risks posture across client.

There is a preference for this role to be primarily based in our Aberdeen office, however we will consider excellent candidates who could be based at our Staines upon Thames office. There may be requirements from time to time to travel to other UK locations, as well as locations in Norway and the Netherlands.

What will you be doing in your new role?

*Providing IS security and IS risk technology leadership and be accountable for the development, implementation, communication, maintenance and governance of the IS Security and IS Risks strategy, technical architecture and roadmaps for client, in collaboration with the Director, Information Systems (IS)
*Develop, manage and maintain an effective IS Security and IS risks Governance Framework
*Become the trusted source of strategic IS Security and IS risks expertise for client and pro-actively provide IS security and IS risks leadership and guidance to business divisions, projects and 3rd parties
*Monitoring for and responding to IS security incidents
*Initial investigation and documentation of IS security incidents
*Assessing IS security requests from wider Spirit IS infrastructure teams as part of IS BAU infrastructure and operations and IS change plan projects
*Responding to requests for advice and assistance with IS security activities such as external hosted or cloud services site reviews
*Produce IS security and IS risks metrics and reporting, including quarterly reporting to client ExCom and ad-hoc reporting to the client Board and Audit Committee
*Monitoring for IS security events and establishing IS security intelligence and baselines
*Development and maintenance of IS security and IS risks standards and procedures
*Perform IS security testing/auditing on IT systems
*Manage the vulnerability scanning program and perform continuous vulnerability scanning/monitoring and generate reports
*Audit system configurations and provide guidance and assistance on hardening standards
*Maintaining the client IS framework; based on industry regulations/best practices such as GDPR, NIS, NIST cyber security framework and ISO/IEC 27000 series
*Maintain awareness of relevant legal, statutory, regulatory and contractual obligations, as relate to IS security, across client, including participation in external IS security industry groups and peer networks
*Providing guidance, communications and assistance on IS security and IS risks to all personnel across the organisation, raising awareness of the published IS security policies, standards and guidelines; identify user training requirements where appropriate and liaise with external IS security service support organisations as required
*Contributing to the development of and ensure compliance with defined standards, policies and processes
*Adhering to the IS Change Management process, ensuring that changes affecting our business are communicated effectively; liaising with IS colleagues to successfully plan and execute changes

To deliver real value in this role, candidates should be able to demonstrate the following:

*Previous demonstrable experience of performing a similar IS security leadership role, preferably with an oil and gas operator, oil and gas services company, consultancy or software house, or in a similar 24x7 asset intensive business, including multi-country operations, both onshore and offshore
*Extensive progressive work experience in multiple ITexperience in terms of scheduling, prioritising and delivering projects within time and budget disciplines, including technical architecture, network management, application development, middleware, database management or operations
*Broad technical knowledge of IS Security technology including: firewalls, intrusion detection systems, anti-virus software, data encryption, vulnerability management, and other industry-standard techniques and practices
*Strong technical knowledge of networks, PC, and platform operating systems
*Strong technical knowledge of TCP/IP and network administration and protocols
*Working knowledge of incident handling best practices such as NIST 800-6 and privacy legislation, GDPR, IT governance, ITIL, SOX 404, COBIT, and ISO27000
*Knowledge of the Network and Information Systems Regulations 2018


*Certified Information Security Systems Professional (CISSP) desirable
*CompTIA Security+ desirable

Похожие вакансии
Andrew Pritchard
UNISOL FI/CO/JV Analyst Местоположение Aberdeen Продолжительность ongoing The Role: MAIN ACTIVITIES: FI/CO/JV Data Migration ...
Nicola Lanzillotta
Reporting and Performance Lead - HS2 Местоположение London Продолжительность permanent The Role: About the role: The right candidate will be able...
Nicola Lanzillotta
Reporting and Performance Lead - Euston Местоположение London Продолжительность permanent The Role: About the role: The right candidate will be able...

К началу

Нажав "Save" (Сохранить), вы даете согласие на
получение данных о вакансиях, соответствующих
вакансии / странице, которую вы просматриваете в электронной почте,
от Fircroft в соответствии с нашей политикой конфиденциальности
Компания Fircroft хотела бы сообщать вам о новых вакансиях и новостях по электронной почте. Иногда маркетинговые материалы компании Fircroft могут содержать данные третьей стороны или партнера, однако мы не будем предоставлять ваши персональные данные каким-либо третьим сторонам без вашего разрешения. Время от времени мы будем просить вас поделиться своим мнением о полученной услуге. Мы можем персонализировать предоставляемые вам услуги, основываясь на вашем месторасположении, а также на том, как вы используете fircroft.com, чтобы вы получили максимум пользы от Fircroft.
Компания Fircroft хотела бы сообщать вам о новых вакансиях и новостях в SMS / текстовых сообщениях.
Вы уверены? Если вы откажетесь получать электронные письма или SMS-сообщения, компания Fircroft не сможет сообщать вам о новых вакансиях. Мы бы не хотели, чтобы вы упустили возможность карьерного роста, и поэтому решили проверить, не хотите ли вы изменить свои предпочтения – на всякий случай. Если выбранные предпочтения вас не устраивают, вы можете войти в свою учетную запись и изменить их в любой момент.