Head of Information Risk

  • Location

    United Kingdom, City of London

  • Sector:

    Information Security

  • Job type:

    Permanent

  • Salary:

    £75000 - £85000 per annum

  • Contact:

    Ana Gaffney

  • Contact email:

    anag@montash.com

  • Contact phone:

    020 7014 0230

  • Salary high:

    85000

  • Salary low:

    75000

  • Job ref:

    AG44_47655

  • Published:

    over 4 years ago

  • Expiry date:

    2015-08-19

  • Start date:

    ASAP

Montash are currently working with a multinational financial services organisation that is in need of a Head of IT Risk. This individual will be heavily involved with key stakeholders within the organisation in addition to 3rd parties, so previous exposure to stakeholders is a must. The Head of IT Risk will have a large impact on the organisation's information security strategy, therefore technical knowledge and background in information risk is essential.

Responsibilities:

  • Engaging and building strong relationships with senior stakeholders within the organisation and gaining support in relation to risk management activities.
  • Delivering a pragmatic IT Risk management strategy that aligns with business objectives.
  • Developing and updating the risk management framework, processes and governance.
  • Implementing a Governance, Risk and Compliance tool (Archer).
  • Driving improvement within IT governance, risk and compliance.
  • Assessing the adequacy of information security policies and remediation activities.
  • Coordinating and managing risk assessments and ensuring compliance with ISO 27001.
  • Leading a team of information security experts.

Key skills:

  • 5+ years' experience within a global company.
  • Broad Information Security knowledge and highly experienced within IT Risk.
  • Experience delivering an ISMS against ISO 27001 and working with a range of IT Risk frameworks including COBIT or ITIL.
  • Excellent communication and negotiation skills.
  • Previous exposure to key decision makers within organisations.
  • Leadership and extensive managerial experience.
  • Experience with GRC tools.
  • University degree, preferably in Information Security or Computer Science.
  • CISSP/CISA/CISM/CRISC or similar certifications.