InfoSec Governance, Risk and Assurance Manager
London, England, United Kingdom
Clear Channel UK
Clear Channel Europe, a leader in the advertising world, boasts an impressive portfolio across 13 markets.
Driven by consumer trends, advances in technology and the engagement possibilities of digital media, the world’s oldest advertising medium is undergoing a massive wave of digitalisation.
Clear Channel’s mission is to create the future of media and our European Technology Team is at the forefront of this transformation.
About the role
As Information Security Governance, Risk, and Assurance Manager, your primary responsibilities will be to support the Head of Information Security in ensuring that the Information Security (IS) programme is aligned with current business goals and objectives, that IS risk is adequately managed, and that the performance of IS processes is on par with business expectations.
You will play an essential role in securing and maintaining ISO 27001 and other industry certification (as required) to enhance the security posture of the organisation and help it secure future business opportunities.
You will contribute to maintaining an adequate and proportionate set of Information Security policies and standards to establish “what good looks like” and help track and measure how the organisation delivers against those requirements.
You will be responsible for:
- managing the IS risk register and facilitating ongoing dialogue between key business stakeholders, risk owners, and risk treatment action owners to ensure all IS risk is adequately recognised, documented and managed.
- establishing and maintaining an adequate IS Awareness and Training programme to bolster our resilience to IS threats and help our employees to act as the first line of defence.
- identifying, documenting and tracking metrics (including Key Performance Indicators, Key Control Indicators and Key Risk Indicators) to help measure the performance of IS processes and controls in the support of established IS business goals and objectives.
- Strategic IS planning and forming associated programmes, roadmaps, initiatives and goals.
- Maintaining adequate IS policies and standards commensurate with business objectives and risk appetite.
- Establishing IS risk management modus operandi and defining associated processes and artifacts.
- Establishing, managing and delivering against an agreed IS education and awareness programme.
- Securing and maintaining IS certification for agreed standards, baselines and benchmarks.
Risk Management area:
- Maintaining the central IS risk register and acting as an initial point of contact for risk escalation.
- Supporting stakeholders in carrying out IS risk assessments, analyses, and Business Impact Analysis (BIA).
- Monitoring execution of agreed IS risk treatment actions and escalating non-conformance in a timely manner.
- Carrying out ongoing horizon scanning for emerging IS risk and treatment opportunities.
- Identifying, documenting, and tracking performance metrics adequate to monitoring IS strategy execution.
- Designing, maintaining, and publishing (at agreed intervals) IS performance scorecards and dashboards.
- Providing operational support for IS-related audits and assessments (e.g., penetration testing, red teaming).
- Providing operational support for vendor onboarding and review processes involving IS elements.
What we’re looking for
- Years of successful performance in the IS GRA field in a commercial environment.
- Line management experience.
- Good practical experience of establishing, maintaining, and implementing security policies and standards.
- Good practical knowledge of ISO 27001 / 27002 standards, including:
  - implementing and documenting associated controls;
  - monitoring control adequacy and performance.
- Good practical knowledge of IS risk management practices, including:
  - knowledge of the ISO 27005 standard and associated methodology;
  - risk identification, analysis, evaluation and identifying risk treatment options;
  - maintaining risk registers and tracking risk treatment actions.
- Practical experience in tracking delivery of IS goals and objectives through:
  - common metrics such as KPIs, KCIs and KRIs;
  - scorecards and dashboards.
- A demonstrable track record of delivering successful IS education and awareness programmes.
- Practical experience in providing operational support for audits and assessments.
- Practical experience in vendor onboarding and review processes.
- Good practical knowledge of the following acts and their control requirements:
  - EU General Data Protection Regulation (GDPR);
  - UK Data Protection Act (DPA).
What’s in it for you?
Our people are bonded by a humility and commitment to challenge the status quo.
We offer a great team to be a part of, a home for your individuality, as well as a place to bring fresh ideas and to grow and develop.
We have a fun and informal culture while also being a future-facing business that wants to make a difference. So, Bring you. Shape us.
- 32 days paid holiday (including BH)
- Hybrid working
- Company Pension Scheme and Life Insurance
- Access to cycle to work scheme, season ticket loans and a whole host of discounts across 100s of retailers
- Access to Simple Health Cash Plan
- Access to Clear Channel’s Learning Pot
At Clear Channel we believe in fairness and as an equal opportunities employer we work hard to foster an inclusive environment, a place you can truly be yourself and be treated fairly. We focus purely on skills and behaviours so if you'd like the opportunity to help us create the future of media, out of home, we'd like to hear from you.