IT Security & Risk Manager

IT Security & Risk Manager

• Mainly remote - ad hoc office time in Stoke and or Manchester
• £69,000 + car allowance + bonus

My client a leading pharmaceutical business in the UK are actively looking for a new IT Security & Risk Manager to join their team. Reporting to the IT Director, you will lead a small team of 3 and will have total ownership for managing the information security function.

The role:

• Lead the IT security of the IT estate, delivering a clear view of risk and mitigation plans for vulnerabilities.
• Gather external insight into security threats, assess the level of risk and provide clear and documented positions on recommendation.
• Senior stakeholder management to identify requirements and level of risk for future business operations.
• Understand relevant regulations and work closely with other colleagues (e.g. internal audit and DPO) to agree the requirement for IT and agree an appropriate plan at exec level.
• Ensure adequate Disaster Recovery and Business Continuity plans are in place for all key systems.
• Primary accountability for management of major security third party suppliers both commercially and technically to drive down cost and improve support functionality.
• Work with IT Architecture team to develop IT security roadmaps to drive efficiency and reduce service impacts.
• Create and maintain working practices & policies for to adhere to in the ongoing complexity of security risks.
• Develop the team to be subject matter experts on IT Security covering all systems and data, including Digital products and software as a service platforms.
• Provide leadership in the event of any major security incidents.
• Lead the IT response to any IT security audits.
• Act as the primary IT representative in Compliance & Audit committees.
• Ability to analyse technically complex issues, make informed judgments, take appropriate actions and accept responsibility for results.
• Prioritise conflicting requirements within a budget to recommend the approach to address issues based on the level of risk.
• Contributes to the 2/3-year roadmaps and plan regarding IT security and risks.
• Provides leadership in the event of major security incidents.

€‹Key knowledge and skills required for the role:

• Professional Qualification in IT Security and knowledge of relevant external regulations.
• Strong experience of third-party supplier management.
• 7 years+ experience of Cyber Security support and working practices.
• 7 years+ experience of IT infrastructure, network and telephony.
• Experience leading technical teams.
• Corporate governance and risk management.