IT Risk and Governance Manager - IT Audit - PCI - SWIFT - BCP Contract: Permanent, full time, 35 hours per week Location: Kings Hill-based (Kent) with hybrid working (Average of 2 days per week in the Kings Hill office) Would you like to join a dynamic team and make a significant impact on the key areas of IT risk and governance as we progress our cloud adoption journey? We're looking for a talented IT Risk and Governance Manager to join our IT Team. What you'll do As our IT Risk and Governance Manager you too will play an integral part in what we do. As our IT Risk and Governance Manager you will: - Report to CISO on all matters related to IT risks and governance. - Collaborate with IT managers to identify, assess, and mitigate IT risks. - Facilitate IT audits to ensure compliance with internal and external requirements. - Own and manage program of IT assessments and compliance requirements. - Collaborate with internal stakeholders to align IT risk and governance with business objectives and risk appetite. - Improve maturity of the function, including the management of IT risk and governance policies, procedures, administration and reporting for IT and Exec stakeholders. Who you'll be This role is for you if you have experience of working in IT with a governance, risk or compliance role or have relevant transferable skills and are keen to make a difference to society. We are looking for: - Proven experience in IT risk management and governance. - Working knowledge of IT risk management and compliance frameworks. - Excellent communication and interpersonal skills. - Ability to work collaboratively with internal and external stakeholders. - Strong organizational, administration and project management skills. IT Audit and Assessment Management: Collaborate with relevant stakeholders to create, own and maintain a forward plan for various audit, risk and governance activities, including internal audits, external audits, IT assessments, DR and IT BCP tests and policy review schedules. Co-ordinate and facilitate the execution of IT audits and assessments, including but not limited to PCI DSS, SWIFT, and Cyber Insurance. Measure and report adherence to IT risk management policies and procedures, making recommendations for improvements where necessary, to ensure compliance with relevant industry standards, regulations, and best practices. IT Risk Management: Own and maintain the IT risk register, risk acceptances, risk assessments and associated risk artifacts, ensuring they are kept updated, all identified risks have owners, are appropriately assessed, categorised with an agreed and documented treatment plan. Collaborate across IT and group Governance teams to identify, register and document emerging risks, and status of planned remediation for existing risks, for escalation and management reporting. BCP Documentation: Maintain and update the IT Business Continuity Plan (BCP) documents, ensuring they reflect current business processes and IT systems. Ensure IT staff are aware and prepared for BCP through, communication, documentation and testing exercises. IT Governance Reporting and MI: Work closely with IT senior management to ensure all IT risk, governance and assurance reporting artifacts are up-to-date, accurate and available for IT governance and organisational executive stakeholder meetings. IT Departmental Process Owner: Take ownership of specific IT departmental policies and processes, such as Fire Evacuation procedures, Recruitment processes, Data Protection Impact Assessments (DPIA), Records of Processing Activities (ROPA), External Data Transfers, Disaster Recovery (DR) call tree, and IT departmental DR processes. Manage and enhance these processes to ensure efficiency and compliance.
27/03/2024
Full time
IT Risk and Governance Manager - IT Audit - PCI - SWIFT - BCP Contract: Permanent, full time, 35 hours per week Location: Kings Hill-based (Kent) with hybrid working (Average of 2 days per week in the Kings Hill office) Would you like to join a dynamic team and make a significant impact on the key areas of IT risk and governance as we progress our cloud adoption journey? We're looking for a talented IT Risk and Governance Manager to join our IT Team. What you'll do As our IT Risk and Governance Manager you too will play an integral part in what we do. As our IT Risk and Governance Manager you will: - Report to CISO on all matters related to IT risks and governance. - Collaborate with IT managers to identify, assess, and mitigate IT risks. - Facilitate IT audits to ensure compliance with internal and external requirements. - Own and manage program of IT assessments and compliance requirements. - Collaborate with internal stakeholders to align IT risk and governance with business objectives and risk appetite. - Improve maturity of the function, including the management of IT risk and governance policies, procedures, administration and reporting for IT and Exec stakeholders. Who you'll be This role is for you if you have experience of working in IT with a governance, risk or compliance role or have relevant transferable skills and are keen to make a difference to society. We are looking for: - Proven experience in IT risk management and governance. - Working knowledge of IT risk management and compliance frameworks. - Excellent communication and interpersonal skills. - Ability to work collaboratively with internal and external stakeholders. - Strong organizational, administration and project management skills. IT Audit and Assessment Management: Collaborate with relevant stakeholders to create, own and maintain a forward plan for various audit, risk and governance activities, including internal audits, external audits, IT assessments, DR and IT BCP tests and policy review schedules. Co-ordinate and facilitate the execution of IT audits and assessments, including but not limited to PCI DSS, SWIFT, and Cyber Insurance. Measure and report adherence to IT risk management policies and procedures, making recommendations for improvements where necessary, to ensure compliance with relevant industry standards, regulations, and best practices. IT Risk Management: Own and maintain the IT risk register, risk acceptances, risk assessments and associated risk artifacts, ensuring they are kept updated, all identified risks have owners, are appropriately assessed, categorised with an agreed and documented treatment plan. Collaborate across IT and group Governance teams to identify, register and document emerging risks, and status of planned remediation for existing risks, for escalation and management reporting. BCP Documentation: Maintain and update the IT Business Continuity Plan (BCP) documents, ensuring they reflect current business processes and IT systems. Ensure IT staff are aware and prepared for BCP through, communication, documentation and testing exercises. IT Governance Reporting and MI: Work closely with IT senior management to ensure all IT risk, governance and assurance reporting artifacts are up-to-date, accurate and available for IT governance and organisational executive stakeholder meetings. IT Departmental Process Owner: Take ownership of specific IT departmental policies and processes, such as Fire Evacuation procedures, Recruitment processes, Data Protection Impact Assessments (DPIA), Records of Processing Activities (ROPA), External Data Transfers, Disaster Recovery (DR) call tree, and IT departmental DR processes. Manage and enhance these processes to ensure efficiency and compliance.
Job title: Senior Commercial Finance Manager (Energy Transition) Type: Contract: 12-18 month Location: Near Reading Station (Hybrid working) Competitive salary/daily rate MBNL is jointly owned by EE and Three, two of the UK's leading and most innovative mobile operators. Established in 2007 as the industry's first network-sharing joint venture, MBNL's mission is to provide best-in-class mobile infrastructure services to EE and Three for serving their tens of millions of customers in the UK. Working at MBNL means being part of a team where you feel connected, valued, and supported. The Role works alongside senior stakeholders in MBNL, BT and H3G across Finance, Commercial, Property & Legal teams. Being the finance Lead for an area that is being revolutionised through deployment activity. The Finance Lead will manage external partners through the fast paced and changing business environment on behalf of shareholders with competing priorities. The Finance Lead will be responsible to hold suppliers, internal stakeholders and shareholders to account as well as still prioritising, manage workloads and undertake ad hoc tasks with tight deadlines, What you will do: Act as Finance Lead, Business Partner, and accountable owner for following Main Areas on behalf of Head of Commercial Finance and Finance Director Finance Lead on RFPs/Procurement activities for Energy Management Contracts Transition of outsourced Finance and accounting processes successfully from current Energy Provider(s) to the new Supplier(s) in line with underlying commercial arrangements and internal processes Influence and negotiate with internal and external stakeholders including outsourced partners and shareholders to get the best outcome Keep all stakeholders abreast of the impacts on the budgets and forecasts through robust financial modelling and business cases Identify and articulate the impacts on existing processes and put solutions in place Leading on Budget conversations to ensure appropriate funding is in place Robustly challenging business activities to ensure best value for money Enforcing appropriate governance, controls and financial management of all processes Support the Site Running Financial and Operational teams to ensure costs are correctly apportioned to each Shareholder in line with their Power Purchasing Strategies Drive MBNL outsourced suppliers to deliver the services required to manage individual Shareholder Power Purchasing Strategies Forecast future shareholder specific consumption requirements and provide impact assessments. Quantify risks to MBNL budget and Shareholder Power Purchasing Strategies from changes in energy profiles and price movement and provide recommendations. The ideal candidate: Professional qualification: CIMA/ACA/ACCA Demonstrable Financial Management, Planning & Analysis experience Excellent understanding of the energy market including energy management and power strategies. Proven record of Commercial and Procurement activities High degree of Commercial Acumen Process Improvements Financial/Datamodelling & Business Cases A proven track record of bringing the outside in to your organisation and using this to drive improvements. To apply for this position, please send your CV to (see below) Project People is acting as an Employment Business in relation to this vacancy.
27/03/2024
Project-based
Job title: Senior Commercial Finance Manager (Energy Transition) Type: Contract: 12-18 month Location: Near Reading Station (Hybrid working) Competitive salary/daily rate MBNL is jointly owned by EE and Three, two of the UK's leading and most innovative mobile operators. Established in 2007 as the industry's first network-sharing joint venture, MBNL's mission is to provide best-in-class mobile infrastructure services to EE and Three for serving their tens of millions of customers in the UK. Working at MBNL means being part of a team where you feel connected, valued, and supported. The Role works alongside senior stakeholders in MBNL, BT and H3G across Finance, Commercial, Property & Legal teams. Being the finance Lead for an area that is being revolutionised through deployment activity. The Finance Lead will manage external partners through the fast paced and changing business environment on behalf of shareholders with competing priorities. The Finance Lead will be responsible to hold suppliers, internal stakeholders and shareholders to account as well as still prioritising, manage workloads and undertake ad hoc tasks with tight deadlines, What you will do: Act as Finance Lead, Business Partner, and accountable owner for following Main Areas on behalf of Head of Commercial Finance and Finance Director Finance Lead on RFPs/Procurement activities for Energy Management Contracts Transition of outsourced Finance and accounting processes successfully from current Energy Provider(s) to the new Supplier(s) in line with underlying commercial arrangements and internal processes Influence and negotiate with internal and external stakeholders including outsourced partners and shareholders to get the best outcome Keep all stakeholders abreast of the impacts on the budgets and forecasts through robust financial modelling and business cases Identify and articulate the impacts on existing processes and put solutions in place Leading on Budget conversations to ensure appropriate funding is in place Robustly challenging business activities to ensure best value for money Enforcing appropriate governance, controls and financial management of all processes Support the Site Running Financial and Operational teams to ensure costs are correctly apportioned to each Shareholder in line with their Power Purchasing Strategies Drive MBNL outsourced suppliers to deliver the services required to manage individual Shareholder Power Purchasing Strategies Forecast future shareholder specific consumption requirements and provide impact assessments. Quantify risks to MBNL budget and Shareholder Power Purchasing Strategies from changes in energy profiles and price movement and provide recommendations. The ideal candidate: Professional qualification: CIMA/ACA/ACCA Demonstrable Financial Management, Planning & Analysis experience Excellent understanding of the energy market including energy management and power strategies. Proven record of Commercial and Procurement activities High degree of Commercial Acumen Process Improvements Financial/Datamodelling & Business Cases A proven track record of bringing the outside in to your organisation and using this to drive improvements. To apply for this position, please send your CV to (see below) Project People is acting as an Employment Business in relation to this vacancy.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
22/03/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
22/03/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a M365 SharePoint Platform Manager. Candidate will be responsible for leading one or more M365 products in the continued development, management and support of M365 products including MS Teams, SharePoint Online, Planner and Streams. Responsibilities: Provide leadership in establishing robust M365 service administration protocols, and they will work with their colleagues in identifying, documenting, and supporting our business use cases for our evolving, core device-top services Administers the Firm's M365 collaboration tools, including SharePoint Online, MS Teams, OneNote, OneDrive, Streams, Planner, Viva Engage, etc Provisions sites and accounts, and oversees management of the provisioning process, using any tools provided to facilitate the process Continually develops the processes and policies for provisioning Forms a community with the firm's Global Assistant Director of M365 Platform, the Cloud Architect, the Enterprise Application Architect (and with others as needed) to provide collective oversight of the M365 ecosystem Promotes optimal useability of M365 services Monitors Microsoft's roadmap for upgrades to M365 services and establishes the mechanisms by which we share relevant changes with our people Works with the office of the Director of Information Governance in ensuring content management policies for M365 are in compliance and updated as business needs evolve Works closely with the Security team, prioritizing safety of the firm's systems and content Identifies potential points of integration between M365 services on the core device-top and works with technical colleagues to deliver key integrations Promotes use of the data available via the Microsoft admin portal to identify areas of untapped benefit, and to foster our continuing path towards a data-driven organization Provides level three support for functional requests relating to M365 collaboration services Continually evaluates opportunities to improve our people's experience of technology, preferably in a scalable way Coach and mentor to other team members, providing training if required Foster trust and build relationships with the other Information Technology teams Develop and/or lead change management efforts across all phases of projects and initiatives to drive the Firm's culture of continuous improvement Attends regular vendor meetings for areas of expertise, stays informed of latest technology road-maps, security notifications, and bug/hot fixes Ensures vendors provide proper levels of support, maintain SLA's, and provide root cause analysis for escalated issues Ensures all team, departmental and firm policies and procedures are adhered to, including technical change management and service continuity Where appropriate, attends user groups independently or with senior managers and makes recommendations of how improvements can be made Attends and contributes to team meetings Completes all administrative tasks, ie, (time tracking, project and task updates, trouble ticket notes, status reports, responding to email, etc.) accurately and on time Performs other duties as assigned or required to meet Firm goals and objectives Qualifications: Bachelor's degree in Computer Science or a related field. 5+ years of M365 product experience Prior experience in M365, specifically MS Teams and SharePoint Online administration, and guiding their use within an organization In depth knowledge of SharePoint Online and Microsoft Teams is required Holistic knowledge of the M365 Suite is required Knowledge of Intapp Workspaces is helpful PowerShell Scripting Excellent collaboration, interpersonal, and communication skills Proven change management skills M365 certification, such as MS Teams Specialist, SPO Admin and or Development
21/03/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a M365 SharePoint Platform Manager. Candidate will be responsible for leading one or more M365 products in the continued development, management and support of M365 products including MS Teams, SharePoint Online, Planner and Streams. Responsibilities: Provide leadership in establishing robust M365 service administration protocols, and they will work with their colleagues in identifying, documenting, and supporting our business use cases for our evolving, core device-top services Administers the Firm's M365 collaboration tools, including SharePoint Online, MS Teams, OneNote, OneDrive, Streams, Planner, Viva Engage, etc Provisions sites and accounts, and oversees management of the provisioning process, using any tools provided to facilitate the process Continually develops the processes and policies for provisioning Forms a community with the firm's Global Assistant Director of M365 Platform, the Cloud Architect, the Enterprise Application Architect (and with others as needed) to provide collective oversight of the M365 ecosystem Promotes optimal useability of M365 services Monitors Microsoft's roadmap for upgrades to M365 services and establishes the mechanisms by which we share relevant changes with our people Works with the office of the Director of Information Governance in ensuring content management policies for M365 are in compliance and updated as business needs evolve Works closely with the Security team, prioritizing safety of the firm's systems and content Identifies potential points of integration between M365 services on the core device-top and works with technical colleagues to deliver key integrations Promotes use of the data available via the Microsoft admin portal to identify areas of untapped benefit, and to foster our continuing path towards a data-driven organization Provides level three support for functional requests relating to M365 collaboration services Continually evaluates opportunities to improve our people's experience of technology, preferably in a scalable way Coach and mentor to other team members, providing training if required Foster trust and build relationships with the other Information Technology teams Develop and/or lead change management efforts across all phases of projects and initiatives to drive the Firm's culture of continuous improvement Attends regular vendor meetings for areas of expertise, stays informed of latest technology road-maps, security notifications, and bug/hot fixes Ensures vendors provide proper levels of support, maintain SLA's, and provide root cause analysis for escalated issues Ensures all team, departmental and firm policies and procedures are adhered to, including technical change management and service continuity Where appropriate, attends user groups independently or with senior managers and makes recommendations of how improvements can be made Attends and contributes to team meetings Completes all administrative tasks, ie, (time tracking, project and task updates, trouble ticket notes, status reports, responding to email, etc.) accurately and on time Performs other duties as assigned or required to meet Firm goals and objectives Qualifications: Bachelor's degree in Computer Science or a related field. 5+ years of M365 product experience Prior experience in M365, specifically MS Teams and SharePoint Online administration, and guiding their use within an organization In depth knowledge of SharePoint Online and Microsoft Teams is required Holistic knowledge of the M365 Suite is required Knowledge of Intapp Workspaces is helpful PowerShell Scripting Excellent collaboration, interpersonal, and communication skills Proven change management skills M365 certification, such as MS Teams Specialist, SPO Admin and or Development