Job Title: GRC Specialist
Location: Gaydon, Warwickshire (2-3 days in the office)
Rate: £625 per day via an Umbrella Company (Inside IR35)
Employment Type: Contract (6 Months)
Hours: Standard 40 Hours Per Week
Reference: J39922
Job Description:
The GRC Specialist is responsible for supporting in the management of our client's enterprise Governance, Risk and Compliance, Security Education and Culture and Supply Chain Security Assurance Teams and agenda from a 2 Lines of Defence (2LOD) perspective. Providing strategic support to govern technology risks (cyber, information technology and services), to achieve acceptable levels of enterprise risk, enabling our client to pursue its business strategy with confidence in line with the CISO OKRs. Skills Required:
Proven experience in Information Security Governance, Risk and Compliance (ideally in a management capacity), with experience of enhancing and operating Risk Management Frameworks, Governance, Compliance Assessments and Control Assurance. Experience of defining and maintaining performance management framework (KPIs, KRIs, KGIs, etc.) and evidence-based actional insight, for a wide range of audiences, e.g. Board/Committee decision papers, GRC analysis, etc. Comprehensive knowledge and experience of working with standards & frameworks (e.g. COBIT, NIST, ISO 27K series, ISO 31000, ISO21434, NIS, Cyber Essentials, etc.) Experience Required:
Expert in technology risk management, with experience of structured risk methods and quantitative techniques (e.g. FAIR, IRAM2, etc.). Comprehensive knowledge and experience of working with standards & frameworks (e.g. COBIT, NIST, ISO 27K series, ISO 31000, ISO21434, NIS, Cyber Essentials, etc.) Experience of defining evidence-based actional insight, for a wide range of audiences, e.g. Board/Committee decision papers, GRC analysis, etc. Experience of inspiring and developing a high performing, multi-disciplined GRC Team. Exemplary communication skills and candidate should be able to articulate and explain complex issues in plain language, simply, to a wide range of Stakeholders. Must have excellent written, presentation and verbal skills with fluent English (written and verbal). Accomplished Stakeholder Manager, confident and adept at engaging with a wide range of Stakeholders. A sound understanding of contemporary information and security technologies, practice and issues. Experience and knowledge of IT processes and practices. Experience and practitioner of Agile working (e.g. SAFe, Scrum, etc.), plus waterfall and hybrid delivery. Relevant degree or equivalent experience. Experience Preferred:
GRC experience gained in regulated businesses (e.g. Financial Services, Telco, Pharma). Experience of working in a global role, with knowledge and expertise of managing on a global basis. Project or Programme Management experience. Extensive and Enhanced Package referencing. Adverse Media Search experience. Additional Information:
2-3 days in the office is required. This role is INSIDE IR35. Do not miss out on your chance of interview –
APPLY NOW! Our Clients are
unable
to provide sponsorship for Tier 2 General Visas; therefore, only candidates eligible to work in the UK need apply! Caresoft Global Limited operates as an Employment Business and Employment Agency. We are an independent highly-experienced recruitment consultancy dedicated to specialist markets within the Automotive, Aerospace, Agricultural & Construction Industries. No terminology within this advert is intended to unlawfully discriminate on the grounds of age, sex, race or disability and we welcome all applications.
#J-18808-Ljbffr
The GRC Specialist is responsible for supporting in the management of our client's enterprise Governance, Risk and Compliance, Security Education and Culture and Supply Chain Security Assurance Teams and agenda from a 2 Lines of Defence (2LOD) perspective. Providing strategic support to govern technology risks (cyber, information technology and services), to achieve acceptable levels of enterprise risk, enabling our client to pursue its business strategy with confidence in line with the CISO OKRs. Skills Required:
Proven experience in Information Security Governance, Risk and Compliance (ideally in a management capacity), with experience of enhancing and operating Risk Management Frameworks, Governance, Compliance Assessments and Control Assurance. Experience of defining and maintaining performance management framework (KPIs, KRIs, KGIs, etc.) and evidence-based actional insight, for a wide range of audiences, e.g. Board/Committee decision papers, GRC analysis, etc. Comprehensive knowledge and experience of working with standards & frameworks (e.g. COBIT, NIST, ISO 27K series, ISO 31000, ISO21434, NIS, Cyber Essentials, etc.) Experience Required:
Expert in technology risk management, with experience of structured risk methods and quantitative techniques (e.g. FAIR, IRAM2, etc.). Comprehensive knowledge and experience of working with standards & frameworks (e.g. COBIT, NIST, ISO 27K series, ISO 31000, ISO21434, NIS, Cyber Essentials, etc.) Experience of defining evidence-based actional insight, for a wide range of audiences, e.g. Board/Committee decision papers, GRC analysis, etc. Experience of inspiring and developing a high performing, multi-disciplined GRC Team. Exemplary communication skills and candidate should be able to articulate and explain complex issues in plain language, simply, to a wide range of Stakeholders. Must have excellent written, presentation and verbal skills with fluent English (written and verbal). Accomplished Stakeholder Manager, confident and adept at engaging with a wide range of Stakeholders. A sound understanding of contemporary information and security technologies, practice and issues. Experience and knowledge of IT processes and practices. Experience and practitioner of Agile working (e.g. SAFe, Scrum, etc.), plus waterfall and hybrid delivery. Relevant degree or equivalent experience. Experience Preferred:
GRC experience gained in regulated businesses (e.g. Financial Services, Telco, Pharma). Experience of working in a global role, with knowledge and expertise of managing on a global basis. Project or Programme Management experience. Extensive and Enhanced Package referencing. Adverse Media Search experience. Additional Information:
2-3 days in the office is required. This role is INSIDE IR35. Do not miss out on your chance of interview –
APPLY NOW! Our Clients are
unable
to provide sponsorship for Tier 2 General Visas; therefore, only candidates eligible to work in the UK need apply! Caresoft Global Limited operates as an Employment Business and Employment Agency. We are an independent highly-experienced recruitment consultancy dedicated to specialist markets within the Automotive, Aerospace, Agricultural & Construction Industries. No terminology within this advert is intended to unlawfully discriminate on the grounds of age, sex, race or disability and we welcome all applications.
#J-18808-Ljbffr
