Job DescriptionJOB TITLE: Cyber Security Lead
LOCATION: Glasgow City Centre
SALARY/RATE AND BENEFITS: £350 - £425 per day
YOU MUST HAVE THE FOLLOWING: A developed awareness of Cyber Security & Cyber Threat Landscape
IDEALLY YOU ALSO HAVE: Experience of producing security risk assesments and action plans.
COMPANY INFORMATION: Scottish Power UK PLC
The Cyber Security landscape has continued to evolve over the past few years with a record number of incidents and threats being reported. The Cyber Security team has continued to develop to meet the demands of our business in addressing the associated risks of the increased threats however; the increased demand on the team's time from the business areas isn't sustainable in the short to medium term.
This post will be focussed on the following deliverables in order to strengthen the Cyber risk position;
Continue to develop and embed the Cyber risk management culture in our business.
With the elevated geo-political Cyber threat and risk position these posts will provide additional support to the business in conducting risk management assurance activities. Support our business in conducting risk management assurance activities given
Lead on asset topography mapping
Assist in the delivery/deployment of our Corporate GRC software
Review and provide recommendations on our supply chain process with a focus on risk
Support our business through NISD CAF process
Delivery of these activities will assist the team to also socialise and embed the Cyber Security Controls Framework across the businesses and further assist the business in development of the
Background, Experience & Skills
A developed awareness of Cyber Security & Cyber Threat Landscape
Demonstrable experience in a Cyber Security risk management role
Experience in supporting stakeholders during implementation/maturation of risk assessment/analysis methodologies (i.e. IRAM v2, ISO/IEC 31000:2009, 27005:2011, ISACA COBIT 5 etc.)
Industry recognised qualifications such CISA, CISM, CISSP or any SANS certifications would be beneficial but not mandatory
Understanding of pending changes impacting the industry such as GDPR, NIS etc.
Knowledge of a range of security risk mitigations
Experience of producing security risk assessments and actions plans
Speak to Derek Anderson today