IT Security & Risk Manager
||IT Security & Risk Manager
IT Security & Risk Manager
- Mainly remote - ad hoc office time in Stoke and or Manchester
- £69,000 + car allowance + bonus
My client a leading pharmaceutical business in the UK are actively looking for a new IT Security & Risk Manager to join their team. Reporting to the IT Director, you will lead a small team of 3 and will have total ownership for managing the information security function.
- Lead the IT security of the IT estate, delivering a clear view of risk and mitigation plans for vulnerabilities.
- Gather external insight into security threats, assess the level of risk and provide clear and documented positions on recommendation.
- Senior stakeholder management to identify requirements and level of risk for future business operations.
- Understand relevant regulations and work closely with other colleagues (e.g. internal audit and DPO) to agree the requirement for IT and agree an appropriate plan at exec level.
- Ensure adequate Disaster Recovery and Business Continuity plans are in place for all key systems.
- Primary accountability for management of major security third party suppliers both commercially and technically to drive down cost and improve support functionality.
- Work with IT Architecture team to develop IT security roadmaps to drive efficiency and reduce service impacts.
- Create and maintain working practices & policies for to adhere to in the ongoing complexity of security risks.
- Develop the team to be subject matter experts on IT Security covering all systems and data, including Digital products and software as a service platforms.
- Provide leadership in the event of any major security incidents.
- Lead the IT response to any IT security audits.
- Act as the primary IT representative in Compliance & Audit committees.
- Ability to analyse technically complex issues, make informed judgments, take appropriate actions and accept responsibility for results.
- Prioritise conflicting requirements within a budget to recommend the approach to address issues based on the level of risk.
- Contributes to the 2/3-year roadmaps and plan regarding IT security and risks.
- Provides leadership in the event of major security incidents.
€‹Key knowledge and skills required for the role:
- Professional Qualification in IT Security and knowledge of relevant external regulations.
- Strong experience of third-party supplier management.
- 7 years+ experience of Cyber Security support and working practices.
- 7 years+ experience of IT infrastructure, network and telephony.
- Experience leading technical teams.
- Corporate governance and risk management.