Information Security Lead Helsby or North West
Do you have what it takes?
Do you want to work for a worldwide, market leading Company? A multi-disciplinary environmental consultancy company providing services globally for over 30 years, with market leading capabilities across the construction, services and rail sectors.
We have an exciting opportunity for you at RSK to join our existing Business Systems Team, responsible for the company’s enterprise-wide applications and information security, servicing requirements from 4,000 staff members. A key part of the role within RSK is ensuring all data is secure and everyone has appropriate access controls.
Scope to contribute your ideas and shape the way we work.
What you can expect in this position and what you will be doing:
Inspire and coordinate the wide variety of activities associated with identifying, evaluating and treating information risks throughout the organization
Lead the information risk and security activities. The role includes IT risk and security; however, you will realise that the scope goes beyond that, touching on aspects such as compliance, physical security, personnel security, incident management, business continuity support and more.
Ensure that the organization achieves a sufficient level of compliance with relevant information security and privacy-related obligations imposed by laws, regulations, standards, contracts, policies etc.
This involves proactively identifying and assessing the obligations, developing suitable responses and, in conjunction with various other parties, adopting suitable controls, policies, procedures, compliance metrics, awareness / training, monitoring, reinforcement and enforcement activities.
Liaise with and provide relevant, timely, credible information and sound professional advice to senior management concerning the organization’s information risk profile and the status of information risk treatments, with the aim of ensuring everyone is notified in a concise and timely manner.
Auditing: performing or supporting audit activities across the entire enterprise, including its commercial relationships with suppliers, partners, customers and other stakeholders.
Scoping, planning and prioritizing assignments, reviewing audit files, reviewing draft audit reports, presenting and discussing reports with management (especially senior managers), liaising and coordinating with other audit specialists and managers as well as clients, and addressing various matters that are escalated (including special assignments associated with fraud or other significant concerns).
Work in the capacity of specialist professional advisor on information security and privacy compliance matters; liaising closely with other governance, risk management, information security, privacy and compliance experts, plus external authorities and contacts.
Assist with the drafting, review and implementation of the compliance elements of information security and privacy policies; prepare reports concerning compliance failures, breaches or incidents; own the information security and privacy parts of our compliance database; and have a leadership / advisory role in the identification, management and eventual resolution of exceptions and exemptions.
What we're looking for:
Passionate about information risk and security with a strong drive and enthusiasm for the subject
An inspirational leader keen to motivate and get the most out of identified information risks as well as security experts, aligning colleagues towards the achievement of business objectives
Good at forming productive working relationships: liaising with various specialists, advisors, managers and influencers throughout the organization, plus third parties such as business partners, suppliers, customers, authorities etc. on information risk and security matters;
A strategic thinker able to step back from the short- and medium-term issues to see the longer-term changes and threats relating to information, and to both engineer and seize valuable opportunities for improvement;
Personal integrity and credibility: high ideals, tempered by a pragmatic, realistic approach.
Decisive: able to make difficult decisions, prioritize along strategic lines, and take appropriate action without prevaricating or unduly delaying, yet willing to be held to account for those decisions and actions, and willing to seek and accept advice from experts where necessary;
Persuasive: overcoming inertia, reluctance etc. and convincing people to fulfil their obligations;
Self-contained: i.e. self-motivated and sufficiently confident and assertive to take actions that may be unpopular with those who risk or are contravening laws, policies, contract terms etc.;
Diplomatic, rational and reasonable: able to handle difficult situations sensibly and fairly, engendering trust and respect in themselves despite the often delicate nature of the role (e.g. dealing professionally with noncompliant managers or business partners).
What you’ll need:
Information risk and security management: experience working on projects and having responsibility for delivering goals in line with someone working toward CISSP, CISM, CRISC, or similar.
At least 5 years’ work experience in the field; familiarity with applicable standards, methods, models and approaches.
General business management: MBA or business degree desirable.
At least 3 years’ experience as a team leader or manager, with responsibility for dealing with information risk, security, privacy, incidents, business continuity, compliance etc.
Able to work independently and as part of a team
Excellent organisational skills with the ability to manage competing priorities
Strong written and verbal communication is essential to the role.
Computer literate and skilled with Microsoft Office applications, in particular Word, Excel and PowerPoint.
Self-motivated, with diligence, integrity and ambition.
Must hold a full UK driver's licence.
Salary & benefits:
Commensurate with experience.
Contributory Pension Scheme
A flexible benefits programme including the option to buy additional holidays, Cycle to Work Scheme, Healthshield Cash Plan
Regular training and career development
Your professional institution fees and training will be covered.
All candidates applying for positions with RSK Group must be eligible to work in the UK / European Economic Area. For further information please contact Kate Hart, HR Business Partner on 077933 65859 or email khart rsk.co.uk.
We operate an open and relaxed management culture that nurtures continuous improvement and innovation. This also enables us to achieve a staff turnover rate that's consistently below the industry average.
Adopting a proactive growth strategy helps us to run a sustainable and profitable business while providing new and exciting career opportunities for all.
As an entrepreneurial organisation, we encourage and foster the growth of our employees. When joining RSK, a mentor works with you to ensure you set and achieve your goals.
We want to accelerate your professional development, including opportunities for a promotional fast track.
Further, retaining staff is the building block of a successful organisation. As a company, RSK wants to ensure you maintain a healthy work-life balance, with many opportunities for flexible working hours, locality flexibility, social activities, and community involvement projects.
The company prides itself on providing its staff with a rewarding and challenging career, encouraging Continuous Professional Development, allowing employees to reach their full potential.
Having been recently placed within the top 10 UK environmental consultancies (Environmental Analyst, December 2017) and number 42 in the Sunday Times Fastrack 200, which rates the success of private companies in the UK, there has never been a more exciting time to join.
RSK is committed to our Corporate Responsibility strategy. We seek to minimise our impact on the environment; to engage positively with the community and education groups;
to provide a safe and supportive atmosphere in which to work; and to promote Corporate Responsibility throughout our supply chain.
RSK Group is an Equal Opportunities Employer