Senior IT Risk Management Specialist

POL - Wroclaw

Smith+Nephew

Smith+Nephew is a global portfolio medical technology business. We design and make technology that takes the limits off living.


Life Unlimited. At Smith+Nephew we design and manufacture technology that takes the limits off living.

The role is key to the evolution of the IT Risk Management program at Smith+Nephew (S+N).  A holistic IT Risk Management Program requires the proactive pursuit of unknown IT Risk.  This resource is required to lead this drive.  This program is a critical component of a broader Cyber Security Maturity Program, with the backing of Senior Leadership.

The Senior IT Risk and Controls Specialist works in the Information Technology Group and reports to the IT Director of Governance Risk and Compliance (GRC).

The Risk Discovery Program identifies, analyses and treats risks related to the following:

 - IT and Information Security functions and technologies e.g. Disaster Recovery, DDoS, Vulnerability Management

 - IT Projects, new software, M&A

 - IT Systems, Network Infrastructure, Security Infrastructure and Cloud Environments

 - New threats relating to the Medical Device industry, regions of operation and IT technologies

What will you be doing?

  • Designing and implementing a program of audits to identify, document, analyze and treat risks across the organization
  • Engaging with Business, IT, IS and Project team members, at various levels in the organization, in the execution of assessments and deployment of controls
  • Conducting Risk Discovery Audits and recommending risk treatments
  • Monitoring the treatment of risks identified in prior audits
  • Monitoring research organizations, media and other sources for emerging threats or new information security regulations and laws that might impact S+N


What will you need to be successful?

  • The role requires a strong background in IT Audit, Information Security and Risk Management, evidenced by relevant Industry Certification.
  • As such, a confident self-starter would be best suited, one who can design and deliver the program without micromanagement.
  • Excellent communication and presentation skills will be essential (must be fluent in English)
  • One or more professional qualifications related to Information Security and Risk Management are required: CISA, CIA, CCSP, CRISC
  • Prior experience in healthcare industry e.g. Medical Devices, Pharmaceuticals, will be an advantage

You. Unlimited.

We believe in creating the greatest good for society. Our strongest investments are in our people and the patients we serve. 

Inclusion, Diversity and Equity: Committed to Welcoming, Celebrating and Thriving on Diversity. Learn more about our Employee Inclusion Groups on our website.

Your Future: annual bonus, life insurance, company stock saving plan

Work/Life Balance: paid volunteering hours, flexible approach

Your Wellbeing: private health care with dental care package, multisport card/my benefit platform

Flexibility: possibility of working in hybrid model

Training: Hands-On, Team-Customized, subsidies for language classes, certifications and postgraduate studies

Extra Perks: referral bonus, recognition program, mentoring program


Stay connected and receive alerts for jobs like this by joining our talent community.

 

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day.  

Check our Glassdoor page for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N.

Explore our new website and learn more about our mission, our team, and the opportunities we offer. 

Category: Compliance Jobs

Tags: Audits CCSP CIA CISA Cloud Compliance CRISC DDoS Governance Monitoring Risk management Vulnerability management

Perks/benefits: Equity / stock options Flex hours Health care Salary bonus

Region: Europe
Country: Poland
