*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life-cycle management of client responses, Policy & Standards life-cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
30/05/2023
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life-cycle management of client responses, Policy & Standards life-cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Product Assurance Engineer A fantastic opportunity has arisen for a Product Assurance Engineering professional to join the Product Assurance Equipment Engineering team supporting a variety of Electronic or Mechanical Equipment in Development. We are currently looking to hire 3 Product Assurance Engineers who have worked in either mechanical engineering or electronics engineering . This opportunity provides the chance to play a pivotal role within an established PA team Embedded within either Electronic Engineering or Mechanical Engineering with the aim of ensuring all core PA activities are met and closely working with major project Product Assurance Managers across the business, preventing/minimising product non-conformance, supporting smooth equipment delivery, assuring reliable products and increasing customer satisfaction. Please note: We operate under strict security clearance guidelines so candidates must have a British passport Location: Stevenage - 2 or 3 days per week in office What's in it for you: Salary up to £45,000 + bonus Paid overtime (!) Annual salary review Excellent career growth opportunities Comprehensive pension package up to 14% Collaborative working environment with exceptional facilities Excellent onsite benefits including free parking, very subsidised meals and gym The Role: The role responsibilities and activities are slightly different dependent on whether you would work in mechanical engineering or electronics engineering. We have written a different set of job responsibilities for each area: For Mechanical Engineering: Lead and ensure adherence to ME process governance, ownership, and reviews Support process improvement and lessons learned in ME Ensure compliance with BMS procedures in ME equipment projects Manage Product Life Cycle reviews and actions Handle Product Non-Conformance, investigations, and reporting Identify and mitigate quality risks for in-house equipment Conduct local audits for process adherence and improvement Plan and deliver focused quality training sessions Electronics Engineering: Ensure compliance with Electronic Engineering BMS procedures Plan and conduct Product Life Cycle reviews and manage related actions Manage Product Non-Conformance, including facilitating the implementation of the process, supporting defect investigations, and providing analysis and reports Proactively identify and mitigate Quality risks for in-house equipment, aiming to increase customer satisfaction Participate in engineering process improvement and conduct local audits for compliance and process enhancement Plan and deliver quality-focused training to enhance awareness, efficiency, and competencies within the engineering team Take advantage of excellent learning and development opportunities, site facilities, and bonus scheme What we need from you: HNC/HND in Engineering or Quality Assurance preferred, or equivalent work experience Experienced quality professionals, preferably within Mechanical Engineering or Electronic Engineering with a proven record in Product Assurance Proficiency in current QA problem-solving and improvement methods such as 8D, RCA, DMAIC, etc An understanding of standards such as AS9100 or ISO9001 Good knowledge of the product life cycle - specifically in development Strong analytical skills, including running reports in Excel and utilising SAP QM and document management tools Demonstrated awareness of continuous improvement and a drive to deliver results If you would like to know more details about the position or want to register your interest, hit apply below. We'd love to hear from you!
30/05/2023
Full time
Product Assurance Engineer A fantastic opportunity has arisen for a Product Assurance Engineering professional to join the Product Assurance Equipment Engineering team supporting a variety of Electronic or Mechanical Equipment in Development. We are currently looking to hire 3 Product Assurance Engineers who have worked in either mechanical engineering or electronics engineering . This opportunity provides the chance to play a pivotal role within an established PA team Embedded within either Electronic Engineering or Mechanical Engineering with the aim of ensuring all core PA activities are met and closely working with major project Product Assurance Managers across the business, preventing/minimising product non-conformance, supporting smooth equipment delivery, assuring reliable products and increasing customer satisfaction. Please note: We operate under strict security clearance guidelines so candidates must have a British passport Location: Stevenage - 2 or 3 days per week in office What's in it for you: Salary up to £45,000 + bonus Paid overtime (!) Annual salary review Excellent career growth opportunities Comprehensive pension package up to 14% Collaborative working environment with exceptional facilities Excellent onsite benefits including free parking, very subsidised meals and gym The Role: The role responsibilities and activities are slightly different dependent on whether you would work in mechanical engineering or electronics engineering. We have written a different set of job responsibilities for each area: For Mechanical Engineering: Lead and ensure adherence to ME process governance, ownership, and reviews Support process improvement and lessons learned in ME Ensure compliance with BMS procedures in ME equipment projects Manage Product Life Cycle reviews and actions Handle Product Non-Conformance, investigations, and reporting Identify and mitigate quality risks for in-house equipment Conduct local audits for process adherence and improvement Plan and deliver focused quality training sessions Electronics Engineering: Ensure compliance with Electronic Engineering BMS procedures Plan and conduct Product Life Cycle reviews and manage related actions Manage Product Non-Conformance, including facilitating the implementation of the process, supporting defect investigations, and providing analysis and reports Proactively identify and mitigate Quality risks for in-house equipment, aiming to increase customer satisfaction Participate in engineering process improvement and conduct local audits for compliance and process enhancement Plan and deliver quality-focused training to enhance awareness, efficiency, and competencies within the engineering team Take advantage of excellent learning and development opportunities, site facilities, and bonus scheme What we need from you: HNC/HND in Engineering or Quality Assurance preferred, or equivalent work experience Experienced quality professionals, preferably within Mechanical Engineering or Electronic Engineering with a proven record in Product Assurance Proficiency in current QA problem-solving and improvement methods such as 8D, RCA, DMAIC, etc An understanding of standards such as AS9100 or ISO9001 Good knowledge of the product life cycle - specifically in development Strong analytical skills, including running reports in Excel and utilising SAP QM and document management tools Demonstrated awareness of continuous improvement and a drive to deliver results If you would like to know more details about the position or want to register your interest, hit apply below. We'd love to hear from you!
Role: Risk Assurance Manager - SC Cleared Location : East Kilbride, Glasgow (2-3 days/week on site) IR35: Inside Rate: £600/day (Umbrella) Duration: 6 months Security Clearance: SC & Sole Uk Nationality Responsibilities Responsible for facilitating the identification, analysis and monitoring of Risks and Issues. Establish and maintains the Risk, issues and assumptions database and register in order to manage risk events. Ensuring risk assessments have been updated; and continuous testing of control and mitigation plans - including the risk escalation processes, in line with best practice to HMT Orange Book framework Directs the creation and format of periodic and ad-hoc Risk and Issues reports, including qualitative and quantitative risk analysis, as required by Executive teams and oversight committees. Developing a programme of regular risk and issue reviews with category teams to ensure that risk is being managed proactively and within the stated risk appetite and tolerance Implement a culture of risk and compliance acting as a subject matter expert and providing strategic level advice to senior leaders on matters relating to all aspects of internal and external risk Identify and track assurance assessments across the department and make sure appropriate remediation plans are in place and being actively managed. Monitor the department compliance to organisational objectives including policy and process and performance reporting Experience Required Essential Risk Management - understanding of your experience in a similar risk related role, preferably in a similar Matrix managed complex organisation. Risk Strategy and Implementation - Share your proven track record of formulating and implementing risk assessment and management strategies and operating practices. Planning, Reporting and Tools - Insight into your planning and organisational abilities, and evidence of your use of the Microsoft Office suite and risk management tools to deliver and report on risk. Adherence to Policy and Standards - Explain how you ensure a broad overview of the necessary procedures and regulations required to manage risk in an organisation. Leadership - Demonstrate resilience in resolving issues and in working with others to manage setbacks Stakeholder Management - Demonstrate previous experience of working collaboratively across a range of stakeholders and gaining buy-in using appropriate communication and influencing skills, preferably in a risk context. Understand how to influence senior management and communicate with both technical and non-technical audiences A detailed knowledge of governance, risk, controls, and assurance are needed to support and advise senior stakeholders on the use and effectiveness of risk management framework Knowledge/experience of the Atlassian Jira toolset would be an advantage SC Cleared To apply for this role please submit your latest CV or contact Aspect Resources
30/05/2023
Project-based
Role: Risk Assurance Manager - SC Cleared Location : East Kilbride, Glasgow (2-3 days/week on site) IR35: Inside Rate: £600/day (Umbrella) Duration: 6 months Security Clearance: SC & Sole Uk Nationality Responsibilities Responsible for facilitating the identification, analysis and monitoring of Risks and Issues. Establish and maintains the Risk, issues and assumptions database and register in order to manage risk events. Ensuring risk assessments have been updated; and continuous testing of control and mitigation plans - including the risk escalation processes, in line with best practice to HMT Orange Book framework Directs the creation and format of periodic and ad-hoc Risk and Issues reports, including qualitative and quantitative risk analysis, as required by Executive teams and oversight committees. Developing a programme of regular risk and issue reviews with category teams to ensure that risk is being managed proactively and within the stated risk appetite and tolerance Implement a culture of risk and compliance acting as a subject matter expert and providing strategic level advice to senior leaders on matters relating to all aspects of internal and external risk Identify and track assurance assessments across the department and make sure appropriate remediation plans are in place and being actively managed. Monitor the department compliance to organisational objectives including policy and process and performance reporting Experience Required Essential Risk Management - understanding of your experience in a similar risk related role, preferably in a similar Matrix managed complex organisation. Risk Strategy and Implementation - Share your proven track record of formulating and implementing risk assessment and management strategies and operating practices. Planning, Reporting and Tools - Insight into your planning and organisational abilities, and evidence of your use of the Microsoft Office suite and risk management tools to deliver and report on risk. Adherence to Policy and Standards - Explain how you ensure a broad overview of the necessary procedures and regulations required to manage risk in an organisation. Leadership - Demonstrate resilience in resolving issues and in working with others to manage setbacks Stakeholder Management - Demonstrate previous experience of working collaboratively across a range of stakeholders and gaining buy-in using appropriate communication and influencing skills, preferably in a risk context. Understand how to influence senior management and communicate with both technical and non-technical audiences A detailed knowledge of governance, risk, controls, and assurance are needed to support and advise senior stakeholders on the use and effectiveness of risk management framework Knowledge/experience of the Atlassian Jira toolset would be an advantage SC Cleared To apply for this role please submit your latest CV or contact Aspect Resources
Cyber Governance & Assurance Specialist This is an opportunity to play your part in protecting our client, their customers, and their communities from a cyber-attack. Be part of a growing dedicated security team and get ready to make a difference by bringing your cyber skills and experience onboard. You'll learn from those around you and from outstanding training and development resources to become even better at what you do. With the best technology at your fingertips, you'll be part of a friendly and flexible working environment where your contribution is always valued. What you'll do: Provide security leadership and assurance for a specific customer contract Act as the primary security contact, interfacing with your peers and our partners Work with the existing team to understand the security requirements and ensure deliverables are planned and aligned to the wider contract schedule Ensure security controls are Embedded from the outset, following Secure by Design principles through delivery and in-life Direct the delivery and maintenance of the security accreditation Manage the through life Security Management Plan and ongoing assurance of the service Manage and lead operational risk relating to people, information, assets, revenue, and reputation, to ensure compliance with relevant security requirements Be a key representative at the customer's Security Working Group (SWG) Provide security advice and direction to stakeholders and our external customer(s) Work with our Defence security operations team to ensure alignment and support from existing processes and personnel Be a security ambassador for our company, our customers, and our team You'll definitely: Already hold or be capable of achieving and maintaining the required security clearance (SC as a minimum) Have a proven track record in security and information risk management Be a SME of technical, physical, procedural, personnel security management Be experienced in working in major public industry sectors eg Defence (MoD) and/or HM Government departments or agencies Have knowledge and experience of the following security standards - ISO27001, MoD JSP604, 440 & 490, NIST, NCSC best practice Benefit from lots of different resources to help you stay in tune with latest developments and future strategy (eg Defence Cyber Protection Partnership - DCPP, Team Defence Information - TD-Info) Be experienced in communicating and influencing across all levels Be excellent at stakeholder management and be able to work with (and provide security support to) peer SMEs from other disciplines Have excellent communication and leadership qualities Be self-motivated and proactive Be organised and able to multi-task Promote security best practice and awareness You might even: Have knowledge of Secure by Design Have a NCSC Certified Cyber Professional (CCP) Information System Security Manager and/or Security & Information Risk Advisor certification or background Have a Certified Information Systems Security Professional (CISSP) certification or background Have ISO 27001 Implementor and/or Auditor certification
30/05/2023
Full time
Cyber Governance & Assurance Specialist This is an opportunity to play your part in protecting our client, their customers, and their communities from a cyber-attack. Be part of a growing dedicated security team and get ready to make a difference by bringing your cyber skills and experience onboard. You'll learn from those around you and from outstanding training and development resources to become even better at what you do. With the best technology at your fingertips, you'll be part of a friendly and flexible working environment where your contribution is always valued. What you'll do: Provide security leadership and assurance for a specific customer contract Act as the primary security contact, interfacing with your peers and our partners Work with the existing team to understand the security requirements and ensure deliverables are planned and aligned to the wider contract schedule Ensure security controls are Embedded from the outset, following Secure by Design principles through delivery and in-life Direct the delivery and maintenance of the security accreditation Manage the through life Security Management Plan and ongoing assurance of the service Manage and lead operational risk relating to people, information, assets, revenue, and reputation, to ensure compliance with relevant security requirements Be a key representative at the customer's Security Working Group (SWG) Provide security advice and direction to stakeholders and our external customer(s) Work with our Defence security operations team to ensure alignment and support from existing processes and personnel Be a security ambassador for our company, our customers, and our team You'll definitely: Already hold or be capable of achieving and maintaining the required security clearance (SC as a minimum) Have a proven track record in security and information risk management Be a SME of technical, physical, procedural, personnel security management Be experienced in working in major public industry sectors eg Defence (MoD) and/or HM Government departments or agencies Have knowledge and experience of the following security standards - ISO27001, MoD JSP604, 440 & 490, NIST, NCSC best practice Benefit from lots of different resources to help you stay in tune with latest developments and future strategy (eg Defence Cyber Protection Partnership - DCPP, Team Defence Information - TD-Info) Be experienced in communicating and influencing across all levels Be excellent at stakeholder management and be able to work with (and provide security support to) peer SMEs from other disciplines Have excellent communication and leadership qualities Be self-motivated and proactive Be organised and able to multi-task Promote security best practice and awareness You might even: Have knowledge of Secure by Design Have a NCSC Certified Cyber Professional (CCP) Information System Security Manager and/or Security & Information Risk Advisor certification or background Have a Certified Information Systems Security Professional (CISSP) certification or background Have ISO 27001 Implementor and/or Auditor certification
Position: IT SAP Environments, Release & Environments Manager Location: Leeds/London Salary: Up to £70,000 Ways of working: Hybrid - Travel to the office as and when required Unfortunately this position is not offering Visa/Sponsorship at the time and all applicants must be willing to go through a CRB and DBS check Job Description: We are currently seeking an experienced IT SAP Environments, Change & Release Manager to join our dynamic team. As the IT SAP Environments, Change & Release Manager, you will be responsible for ensuring the integrity and continuity of the SAP S4HANA platform and integrated interfaces for my clients Finance and HR Systems. You will play a crucial role in managing changes and releases in the SAP environment, ensuring compliance with governance, legal, contractual, and regulatory requirements. Responsibilities: - Manage the implementation of changes/releases in the SAP environment, adhering to ITIL best practices and my clients IT framework. - Collaborate with DLAP teams, vendors/OEMs, and functional users to plan, implement, test, and communicate changes effectively. - Ensure the availability and performance of SAP environments and integrated systems. - Optimize and maintain automated (and manual) test coverage in line with the change/release schedule and scope. - Coordinate the scheduling and movement of transports across environments. - Validate and assure data quality, synchronize, refresh, and clean up data provisioning for non-production environments. - Maintain non-production environments and manage changes/releases to ensure seamless implementation without disrupting existing IT components. - Create and communicate release calendar, track changes/releases in the SAP landscape, and analyze their impact and risk level. - Evaluate implementation plans, obtain approvals, and schedule changes/releases in line with timelines. - Coordinate with technical teams and integrations manager to understand upstream/downstream impacts. - Manage maintenance windows, analyze reports and trends for areas of improvement, and take necessary actions. Requirements: - 5+ years of experience in a production change and/or environments capacity, applying the ITIL framework and best practices. - Competence in working in strict controlled environments in line with policies, procedures, and processes. - Competence with SAP HANA, SAP Solution Manager, and SAP solutions on Google Cloud. - Knowledge of SAP environments and life cycle. - Agile and DevOps mindset with experience in promoting and demonstrating best practices. - Experience with Service Now and working in a Managed Services environment. - Familiarity with DevOps and Agile methodologies. - At least 2 ITIL v3 Intermediate Certificates, including Service Transition. - Bachelors degree in Computer Science, Information Technology, or equivalent education. - Excellent verbal and written communication skills. - Experience in managing changes/releases in an SAP environment. - Preferred experience in SAP or ERP Service Support within the legal sector, professional services, or a global-scale environment. - Self-starter who thrives in an ever-changing, fast-paced business environment. Join our team and be part of an exciting journey in transforming my clients IT infrastructure. Apply now by submitting your resume above The Bridge IT are bringing you this position, please contact (see below) for more information
30/05/2023
Full time
Position: IT SAP Environments, Release & Environments Manager Location: Leeds/London Salary: Up to £70,000 Ways of working: Hybrid - Travel to the office as and when required Unfortunately this position is not offering Visa/Sponsorship at the time and all applicants must be willing to go through a CRB and DBS check Job Description: We are currently seeking an experienced IT SAP Environments, Change & Release Manager to join our dynamic team. As the IT SAP Environments, Change & Release Manager, you will be responsible for ensuring the integrity and continuity of the SAP S4HANA platform and integrated interfaces for my clients Finance and HR Systems. You will play a crucial role in managing changes and releases in the SAP environment, ensuring compliance with governance, legal, contractual, and regulatory requirements. Responsibilities: - Manage the implementation of changes/releases in the SAP environment, adhering to ITIL best practices and my clients IT framework. - Collaborate with DLAP teams, vendors/OEMs, and functional users to plan, implement, test, and communicate changes effectively. - Ensure the availability and performance of SAP environments and integrated systems. - Optimize and maintain automated (and manual) test coverage in line with the change/release schedule and scope. - Coordinate the scheduling and movement of transports across environments. - Validate and assure data quality, synchronize, refresh, and clean up data provisioning for non-production environments. - Maintain non-production environments and manage changes/releases to ensure seamless implementation without disrupting existing IT components. - Create and communicate release calendar, track changes/releases in the SAP landscape, and analyze their impact and risk level. - Evaluate implementation plans, obtain approvals, and schedule changes/releases in line with timelines. - Coordinate with technical teams and integrations manager to understand upstream/downstream impacts. - Manage maintenance windows, analyze reports and trends for areas of improvement, and take necessary actions. Requirements: - 5+ years of experience in a production change and/or environments capacity, applying the ITIL framework and best practices. - Competence in working in strict controlled environments in line with policies, procedures, and processes. - Competence with SAP HANA, SAP Solution Manager, and SAP solutions on Google Cloud. - Knowledge of SAP environments and life cycle. - Agile and DevOps mindset with experience in promoting and demonstrating best practices. - Experience with Service Now and working in a Managed Services environment. - Familiarity with DevOps and Agile methodologies. - At least 2 ITIL v3 Intermediate Certificates, including Service Transition. - Bachelors degree in Computer Science, Information Technology, or equivalent education. - Excellent verbal and written communication skills. - Experience in managing changes/releases in an SAP environment. - Preferred experience in SAP or ERP Service Support within the legal sector, professional services, or a global-scale environment. - Self-starter who thrives in an ever-changing, fast-paced business environment. Join our team and be part of an exciting journey in transforming my clients IT infrastructure. Apply now by submitting your resume above The Bridge IT are bringing you this position, please contact (see below) for more information
UK leading food distributor within the catering industry are seeking an experienced IT Compliance & Audit Manager to support and drive the compliance and risk standards throughout the business. Working closely with the leadership team while reporting direct to the Vice President of IT, you will lead the implementation of policies and security controls ensuring all are maintained. Proactively plan and deliver on business-critical compliance and IT Audits. The right candidate will have in-depth experience managing PCI DSS, Risk management and IT Audit while implementing cyber governance. The Role: Lead and maintain PCI DSS compliances and standard practices Manage and maintain IT risk register and IT contracts Work closely with both IT SecOps teams and senior IT management to develop and ensure all information system security for all business-critical systems are secure Lead Quarterly It Audits Oversee functional testing of cyber security controls The Requirements: Proven experience with PCI DSS and Cyber Essentials Plus Come from an IT security compliance background or similar Ability to communicate with all levels of stakeholders and IT technical teams Strong knowledge Microsoft Azure Cloud Security PCI ISA Qualification desirable Confidence to plan and implement new procedures while managing operational duties Full UK right to work required; no sponsorship options available The Overview: Up to £75,000 depending on experience Fulltime permanent position Hybrid role, 3 days in office Bath area, parking available
27/05/2023
Full time
UK leading food distributor within the catering industry are seeking an experienced IT Compliance & Audit Manager to support and drive the compliance and risk standards throughout the business. Working closely with the leadership team while reporting direct to the Vice President of IT, you will lead the implementation of policies and security controls ensuring all are maintained. Proactively plan and deliver on business-critical compliance and IT Audits. The right candidate will have in-depth experience managing PCI DSS, Risk management and IT Audit while implementing cyber governance. The Role: Lead and maintain PCI DSS compliances and standard practices Manage and maintain IT risk register and IT contracts Work closely with both IT SecOps teams and senior IT management to develop and ensure all information system security for all business-critical systems are secure Lead Quarterly It Audits Oversee functional testing of cyber security controls The Requirements: Proven experience with PCI DSS and Cyber Essentials Plus Come from an IT security compliance background or similar Ability to communicate with all levels of stakeholders and IT technical teams Strong knowledge Microsoft Azure Cloud Security PCI ISA Qualification desirable Confidence to plan and implement new procedures while managing operational duties Full UK right to work required; no sponsorship options available The Overview: Up to £75,000 depending on experience Fulltime permanent position Hybrid role, 3 days in office Bath area, parking available
UK leading food distributor within the catering industry are seeking an experienced IT Compliance & Audit Manager to support and drive the compliance and risk standards throughout the business. Working closely with the leadership team while reporting direct to the Vice President of IT, you will lead the implementation of policies and security controls ensuring all are maintained. Proactively plan and deliver on business-critical compliance and IT Audits. The right candidate will have in-depth experience managing PCI DSS, Risk management and IT Audit while implementing cyber governance. The Role: Lead and maintain PCI DSS compliances and standard practices Manage and maintain IT risk register and IT contracts Work closely with both IT SecOps teams and senior IT management to develop and ensure all information system security for all business-critical systems are secure Lead Quarterly It Audits Oversee functional testing of cyber security controls The Requirements: Proven experience with PCI DSS and Cyber Essentials Plus Come from an IT security compliance background or similar Ability to communicate with all levels of stakeholders and IT technical teams Strong knowledge Microsoft Azure Cloud Security PCI ISA Qualification desirable Confidence to plan and implement new procedures while managing operational duties Full UK right to work required; no sponsorship options available The Overview: Up to £75,000 depending on experience Fulltime permanent position Hybrid role, 3 days in office Bath area, parking available
27/05/2023
Full time
UK leading food distributor within the catering industry are seeking an experienced IT Compliance & Audit Manager to support and drive the compliance and risk standards throughout the business. Working closely with the leadership team while reporting direct to the Vice President of IT, you will lead the implementation of policies and security controls ensuring all are maintained. Proactively plan and deliver on business-critical compliance and IT Audits. The right candidate will have in-depth experience managing PCI DSS, Risk management and IT Audit while implementing cyber governance. The Role: Lead and maintain PCI DSS compliances and standard practices Manage and maintain IT risk register and IT contracts Work closely with both IT SecOps teams and senior IT management to develop and ensure all information system security for all business-critical systems are secure Lead Quarterly It Audits Oversee functional testing of cyber security controls The Requirements: Proven experience with PCI DSS and Cyber Essentials Plus Come from an IT security compliance background or similar Ability to communicate with all levels of stakeholders and IT technical teams Strong knowledge Microsoft Azure Cloud Security PCI ISA Qualification desirable Confidence to plan and implement new procedures while managing operational duties Full UK right to work required; no sponsorship options available The Overview: Up to £75,000 depending on experience Fulltime permanent position Hybrid role, 3 days in office Bath area, parking available
Services and Control Senior Analyst - Insurance Market Competitive Salary + Bonus + Benefits The Service and Controls Lead is part of the Technology Service Management function and helps leads and enable the definition and improvement of ITSM capability. This role enables our Technology Change Delivery Portfolios as well as BAU service delivery teams by driving and owning appropriate ITSM Controls and Governance to assure secure, stable, and performing technology services. The role leverages existing the client's enterprise service management process and controls capability, owning their localized implementation to support the GRSI Tech's strategy. As well, the role leads on the necessary improvements to address gaps and recommendations across the wider Audit, Cyber and IT controls frameworks. Key Responsibilities: Responsible for ITSM Controls and Governance enabling secure, stable and performing technology services. Implement and improve ITSM capability, reporting, controls, service integration and process support Provide appropriate service reporting on a regular basis to achieve targets, continuously improve and deliver excellent customer service Share best practice and coach on ITSM, increasing the internal body of knowledge Develop quality, exec-ready management information, presentations, proposals, and reports Helps drive the ITSM Strategy for GRSI Technology working in coordination with Enterprise SMO, as well as GRS Tech. Engineering, Resilience and support teams Drive the necessary improvements to address gaps and recommendations relating to ITSM across the wider Audit, DT Cyber and IT controls frameworks Compliance & Strategic Alignment Ensure appropriate technology controls are implemented and regularly tested in line with the client, GRSI, GRS and GDS practices Align to Company and GRS technology delivery functions to ensure the service management team operates in compliance with all relevant standards, processes and procedures Demonstrate behaviours as set out in the Conduct Risk Policy in alignment with company commitment to placing customers at the centre of our business and behaving with integrity Service Management Support Service Delivery Team leads and Managers with robust ITSM practices and process support Oversee and evolve Major and High Priority Incident Management Drive adoption of Problem Management and Continual Improvement Engage with business leaders to ensure Services are understood and appropriate, evolving our service catalogue and service level agreement framework Ensure appropriate service level reporting and dashboards as required Chair the service review process with customers and key stakeholders Enhance the Supplier Management practices, ensuring formal inventory of vendor contracts and active management of all contracts with a strong commercial mindset Service Operations Support Act as an escalation point for major incident and problem management; Take ownership of critical incidents, coordinating with resolution parties, and establishing effective communication between stakeholders for post-incident reviews Ensure appropriate risk and impact assessments are Embedded and performed in Change Management and CAB processes Collaborate with the Desktop Support, Cloud and Infrastructure Engineering Managers to ensure team priorities are aligned with the ITSM strategy Information Security Management Devise measures to protect company data from both internal and external threats Take part in day-to-day monitoring for activities, implement defensive protocols, and report incidents in line with security best practices Contribute to security guidelines, procedures, standards, and controls documentation Continuous Improvement, Governance & Delivery Own ITSM capability and service improvement roadmaps, enhancing service management processes, governance, tools, reporting and compliance Act as Product Owner for ITSM Processes and Tooling maintain a backlog of all related initiatives aligned to the Agile Portfolio Office Actively manage risks and issues in the ITSM area, developing mitigation plans/actions and remediation planning sessions, logging and escalating where appropriate Review practices to ensure consistency with policies, compliance regulations and control requirements, providing direction and changes as needed and ensuring alignment with business objectives and industry trends Champion, coach and promote the sharing of best practice on ITSM, increasing the internal capability and body of knowledge Develop and maintain Service management operational policies, standards, procedures, and guidelines where applicable Skills and Experience Experienced Service Management professional ITIL qualifications - preferably ITIL Expert, or Strategic Leader Excellent interpersonal and customer service skills with a passion for service excellence and a track record of continuous service improvement Strong leadership ability and team spirit with exceptional skills in motivating, coaching and supporting team members to deliver success outcomes Demonstrable experience of internal and external stakeholder engagement Exposure to financial and vendor management Strong organisational skills with an ability to balance and prioritise multiple initiatives at once, and to work under pressure when necessary Apply today with your most up to date CV. If this role isn't quite what you are after but know someone who may be relevant, we offer a referral scheme for any successful recommendations. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
26/05/2023
Full time
Services and Control Senior Analyst - Insurance Market Competitive Salary + Bonus + Benefits The Service and Controls Lead is part of the Technology Service Management function and helps leads and enable the definition and improvement of ITSM capability. This role enables our Technology Change Delivery Portfolios as well as BAU service delivery teams by driving and owning appropriate ITSM Controls and Governance to assure secure, stable, and performing technology services. The role leverages existing the client's enterprise service management process and controls capability, owning their localized implementation to support the GRSI Tech's strategy. As well, the role leads on the necessary improvements to address gaps and recommendations across the wider Audit, Cyber and IT controls frameworks. Key Responsibilities: Responsible for ITSM Controls and Governance enabling secure, stable and performing technology services. Implement and improve ITSM capability, reporting, controls, service integration and process support Provide appropriate service reporting on a regular basis to achieve targets, continuously improve and deliver excellent customer service Share best practice and coach on ITSM, increasing the internal body of knowledge Develop quality, exec-ready management information, presentations, proposals, and reports Helps drive the ITSM Strategy for GRSI Technology working in coordination with Enterprise SMO, as well as GRS Tech. Engineering, Resilience and support teams Drive the necessary improvements to address gaps and recommendations relating to ITSM across the wider Audit, DT Cyber and IT controls frameworks Compliance & Strategic Alignment Ensure appropriate technology controls are implemented and regularly tested in line with the client, GRSI, GRS and GDS practices Align to Company and GRS technology delivery functions to ensure the service management team operates in compliance with all relevant standards, processes and procedures Demonstrate behaviours as set out in the Conduct Risk Policy in alignment with company commitment to placing customers at the centre of our business and behaving with integrity Service Management Support Service Delivery Team leads and Managers with robust ITSM practices and process support Oversee and evolve Major and High Priority Incident Management Drive adoption of Problem Management and Continual Improvement Engage with business leaders to ensure Services are understood and appropriate, evolving our service catalogue and service level agreement framework Ensure appropriate service level reporting and dashboards as required Chair the service review process with customers and key stakeholders Enhance the Supplier Management practices, ensuring formal inventory of vendor contracts and active management of all contracts with a strong commercial mindset Service Operations Support Act as an escalation point for major incident and problem management; Take ownership of critical incidents, coordinating with resolution parties, and establishing effective communication between stakeholders for post-incident reviews Ensure appropriate risk and impact assessments are Embedded and performed in Change Management and CAB processes Collaborate with the Desktop Support, Cloud and Infrastructure Engineering Managers to ensure team priorities are aligned with the ITSM strategy Information Security Management Devise measures to protect company data from both internal and external threats Take part in day-to-day monitoring for activities, implement defensive protocols, and report incidents in line with security best practices Contribute to security guidelines, procedures, standards, and controls documentation Continuous Improvement, Governance & Delivery Own ITSM capability and service improvement roadmaps, enhancing service management processes, governance, tools, reporting and compliance Act as Product Owner for ITSM Processes and Tooling maintain a backlog of all related initiatives aligned to the Agile Portfolio Office Actively manage risks and issues in the ITSM area, developing mitigation plans/actions and remediation planning sessions, logging and escalating where appropriate Review practices to ensure consistency with policies, compliance regulations and control requirements, providing direction and changes as needed and ensuring alignment with business objectives and industry trends Champion, coach and promote the sharing of best practice on ITSM, increasing the internal capability and body of knowledge Develop and maintain Service management operational policies, standards, procedures, and guidelines where applicable Skills and Experience Experienced Service Management professional ITIL qualifications - preferably ITIL Expert, or Strategic Leader Excellent interpersonal and customer service skills with a passion for service excellence and a track record of continuous service improvement Strong leadership ability and team spirit with exceptional skills in motivating, coaching and supporting team members to deliver success outcomes Demonstrable experience of internal and external stakeholder engagement Exposure to financial and vendor management Strong organisational skills with an ability to balance and prioritise multiple initiatives at once, and to work under pressure when necessary Apply today with your most up to date CV. If this role isn't quite what you are after but know someone who may be relevant, we offer a referral scheme for any successful recommendations. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
Digital Safety Risk and Assurance Specialist (Cyber Security) What will I be doing? The risk and assurance specialist is responsible delivering our risk management framework through identifying, capturing and measuring cyber security risks. This role encompasses working with multiple diverse business areas to capture the relevant information that results in the representation of well-defined risk information to support informed decisions in the relevant forums. This role supports the overall Digital Safety Assurance team's objectives and provides visibility of key information relating to our regulatory compliance or control maturity. What do we need from you? We would love to speak to candidates that have some of the following experience: Operate the Digital Safety risk framework to assess and record cyber risk within easyJet. Work with multiple functions ranging from technical IT through to business facing functions to capture the full spectrum of related risk information. Operate the digital safety supplier assurance process to understand and capture risks related to our supply chain. Identify and capture potential gaps in our regulatory compliance environment and work with the Digital Safety Compliance Manager and the Data Protection team to resolve. Identify and capture information relating to our Data Governance framework and work with the Digital Safety Data Management Manager to resolve. Work with the IT Quality and Risk function to align on the IT risk relevant areas when dealing with Digital Safety risks. Present findings at relevant risk forums to support the treatment of identified risks. Provide training and advice to colleagues in the Cyber Governance, Compliance, Assurance and Risk team, the wider LC&R team and other departments on the use of the risk methodology to encourage consistent risk measurement and reporting across the company. Ideal Qualifications CRISC or similar (eg Institute of Risk Management) CISSP, COMPTIA Security + or other security qualification Information Security or industry relevant qualifications Desirable Skills/Experience Previously worked in a similar information security role and other complementary business roles where the management of some type of risk (eg product, project) formed part of the role's responsibilities. Candidates must have the essential skills identified. Why join us? We are connected, fast-paced, no-one stands on status, we're lean but not mean, and our talent is the best in the industry. We strive for diversity in all its forms, we work hard and have fun and we are continuously innovating. What is my next step? Please follow the link to the apply for the position directly or reach out to me for an initial conversation about the opportunity.
26/05/2023
Full time
Digital Safety Risk and Assurance Specialist (Cyber Security) What will I be doing? The risk and assurance specialist is responsible delivering our risk management framework through identifying, capturing and measuring cyber security risks. This role encompasses working with multiple diverse business areas to capture the relevant information that results in the representation of well-defined risk information to support informed decisions in the relevant forums. This role supports the overall Digital Safety Assurance team's objectives and provides visibility of key information relating to our regulatory compliance or control maturity. What do we need from you? We would love to speak to candidates that have some of the following experience: Operate the Digital Safety risk framework to assess and record cyber risk within easyJet. Work with multiple functions ranging from technical IT through to business facing functions to capture the full spectrum of related risk information. Operate the digital safety supplier assurance process to understand and capture risks related to our supply chain. Identify and capture potential gaps in our regulatory compliance environment and work with the Digital Safety Compliance Manager and the Data Protection team to resolve. Identify and capture information relating to our Data Governance framework and work with the Digital Safety Data Management Manager to resolve. Work with the IT Quality and Risk function to align on the IT risk relevant areas when dealing with Digital Safety risks. Present findings at relevant risk forums to support the treatment of identified risks. Provide training and advice to colleagues in the Cyber Governance, Compliance, Assurance and Risk team, the wider LC&R team and other departments on the use of the risk methodology to encourage consistent risk measurement and reporting across the company. Ideal Qualifications CRISC or similar (eg Institute of Risk Management) CISSP, COMPTIA Security + or other security qualification Information Security or industry relevant qualifications Desirable Skills/Experience Previously worked in a similar information security role and other complementary business roles where the management of some type of risk (eg product, project) formed part of the role's responsibilities. Candidates must have the essential skills identified. Why join us? We are connected, fast-paced, no-one stands on status, we're lean but not mean, and our talent is the best in the industry. We strive for diversity in all its forms, we work hard and have fun and we are continuously innovating. What is my next step? Please follow the link to the apply for the position directly or reach out to me for an initial conversation about the opportunity.
A UK leading food supplier within the catering industry are seeking an experienced IT Compliance & Audit Manager to support and drive the compliance and risk standards throughout the business. Working closely with the leadership team while reporting direct to the Vice President of IT, you will ensure policies and security controls are maintained while proactively plan and deliver on business-critical compliance and IT Audits. The right candidate will have an in-depth experience managing PCI DSS, Risk Managers and IT Audit implementing cyber governance. The Role: Lead and maintain PCI DSS compliances and standard practices Manage and maintain IT risk register and IT contracts Work closely with both IT SecOps teams and senior IT management to develop and ensure all information system security for all business-critical systems are secure Lead Quarterly It Audits Oversee functional testing of cyber security controls The Requirements: Proven experience with PCI DSS and Cyber Essentials Plus Come from an IT security compliance background or similar Ability to communicate with all levels of stakeholders and IT technical teams Strong knowledge Microsoft Azure Cloud Security PCI ISA Qualification desirable The Overview: Up to £65,000 depending on experience Fulltime permanent position Hybrid role, 3 days in office Bath area, parking available
26/05/2023
Full time
A UK leading food supplier within the catering industry are seeking an experienced IT Compliance & Audit Manager to support and drive the compliance and risk standards throughout the business. Working closely with the leadership team while reporting direct to the Vice President of IT, you will ensure policies and security controls are maintained while proactively plan and deliver on business-critical compliance and IT Audits. The right candidate will have an in-depth experience managing PCI DSS, Risk Managers and IT Audit implementing cyber governance. The Role: Lead and maintain PCI DSS compliances and standard practices Manage and maintain IT risk register and IT contracts Work closely with both IT SecOps teams and senior IT management to develop and ensure all information system security for all business-critical systems are secure Lead Quarterly It Audits Oversee functional testing of cyber security controls The Requirements: Proven experience with PCI DSS and Cyber Essentials Plus Come from an IT security compliance background or similar Ability to communicate with all levels of stakeholders and IT technical teams Strong knowledge Microsoft Azure Cloud Security PCI ISA Qualification desirable The Overview: Up to £65,000 depending on experience Fulltime permanent position Hybrid role, 3 days in office Bath area, parking available
NO SPONSORSHIP FRM Risk Advisory Services (GRC) SALARY: $80k - $100k plus 10% LOCATION: Chicago, IL Hybrid 3 days onsite FRM is Financial Risk Management GRC Governance risk. You will need 1 year audit compliance and enterprise and risk. Approaches within SEC or CFTC regulated businesses financial services capital markets a plus must be degreed. Responsibilities: Learn, develop, and advance financial risk and GRC knowledge through practical experience and ongoing training, to promote efficiency, effectiveness, and maturity of FRM's control environment Support training of RAS staff on FRM's processes, GRC practices, and ad-hoc initiatives that support achievement of goals and objectives Support business units' preparation, execution, and delivery throughout regulatory examinations and other internal or external reviews Support resolution of issues discovered during examinations, internal audits, compliance reviews and self-testing findings Monitor, coordinate, support, and document remediation activities of FRM and escalate issues, as necessary Support preparation of a summary of remediation activities and closure documentation to FRM leadership and governing committees Implement the FRM Department's internal policies, procedures, processes, controls, and risk statements, Identifying and implementing enhancements for increased efficiency in processes, controls, and related documentation Promote best practices related to FRM's documentation, including control rationalization and frameworks Qualifications: Experience with internal controls, risk assessment strategies, audit techniques, and project management. Ability to understand, analyze, and design complex processes, including identification and implementation of recommended solutions Ability to understand, at a high level, quantitative models and methodologies and use that knowledge to advise on the associated governance, risk, and compliance activities to achieve positive outcomes Experience performing risk assessments and assessing design and operational effectiveness of applicable controls Technical Skills: [Preferred] Experience with Governance and Risk & Compliance Software such as Archer Education and/or Experience: 1+ years of experience with audit, compliance and enterprise risk approaches within SEC or CFTC regulated businesses [Preferred] Experience within Capital Markets, SIFMU, CCP and/or Financial Services Exceptional customer service and collaboration skills Bachelor of Science in Finance, Business or a related discipline Certificates or Licenses: [Preferred] Certified Regulatory Compliance Manager (CRCM), GRC Certification, or Certified Internal Auditor (CIA)
25/05/2023
Full time
NO SPONSORSHIP FRM Risk Advisory Services (GRC) SALARY: $80k - $100k plus 10% LOCATION: Chicago, IL Hybrid 3 days onsite FRM is Financial Risk Management GRC Governance risk. You will need 1 year audit compliance and enterprise and risk. Approaches within SEC or CFTC regulated businesses financial services capital markets a plus must be degreed. Responsibilities: Learn, develop, and advance financial risk and GRC knowledge through practical experience and ongoing training, to promote efficiency, effectiveness, and maturity of FRM's control environment Support training of RAS staff on FRM's processes, GRC practices, and ad-hoc initiatives that support achievement of goals and objectives Support business units' preparation, execution, and delivery throughout regulatory examinations and other internal or external reviews Support resolution of issues discovered during examinations, internal audits, compliance reviews and self-testing findings Monitor, coordinate, support, and document remediation activities of FRM and escalate issues, as necessary Support preparation of a summary of remediation activities and closure documentation to FRM leadership and governing committees Implement the FRM Department's internal policies, procedures, processes, controls, and risk statements, Identifying and implementing enhancements for increased efficiency in processes, controls, and related documentation Promote best practices related to FRM's documentation, including control rationalization and frameworks Qualifications: Experience with internal controls, risk assessment strategies, audit techniques, and project management. Ability to understand, analyze, and design complex processes, including identification and implementation of recommended solutions Ability to understand, at a high level, quantitative models and methodologies and use that knowledge to advise on the associated governance, risk, and compliance activities to achieve positive outcomes Experience performing risk assessments and assessing design and operational effectiveness of applicable controls Technical Skills: [Preferred] Experience with Governance and Risk & Compliance Software such as Archer Education and/or Experience: 1+ years of experience with audit, compliance and enterprise risk approaches within SEC or CFTC regulated businesses [Preferred] Experience within Capital Markets, SIFMU, CCP and/or Financial Services Exceptional customer service and collaboration skills Bachelor of Science in Finance, Business or a related discipline Certificates or Licenses: [Preferred] Certified Regulatory Compliance Manager (CRCM), GRC Certification, or Certified Internal Auditor (CIA)
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Director of Data Governance. Candidate will be responsible in executing and implementing the data governance policies and procedures. Individual will be member of data team under corporate risk function having managerial responsibilities and work under the direct supervision of Head of Data. Responsibilities: Responsible for creating and developing the capabilities of the data framework as per the data road-map. Define roles and responsibilities related to data governance and work with the various business functions to strengthen data accountability and implement data stewardship. Develop the data quality framework as well as set standards for measurement that ensure that data is fit for its purpose. Work with business and technical staff to identify and implement proactive data quality monitoring and produce data quality KPIs and metrices. Responsible in strengthening the business glossary, metadata management and data lineage procedures and ensuring the regulatory compliance. Close collaboration with 2nd and 3rd LOD to ensure the timely completion of remediation efforts. Continuous improvements in the data governance capabilities to improve operational efficiencies and risk reduction. Work with the other teams and staff on complex and multi-tiered projects that data governance will be a part of. Work with the technical data team and Information Governance team on data classification and security to protect the sensitive data. Participates in business requirements gathering activities and deep dive the critical business applications to identify the data quality improvements and automation opportunities. Work with data team to plan and conduct the company wide data awareness and education campaign. Supervisory Responsibilities: Ability to develop people, mentoring and teaching on the job. Manages team of 3-5 staff. Qualifications: Bachelor or Master degree in data analytics, computer science or related field. 8+ years of related data experience in capital market domain with at least 3 years of hands-on work on data governance functional areas. Practical experience in implementing company wide data governance framework and delivering data capabilities. Experience in working with 2nd and 3rd LOD. Experience using the data governance tools like IBM ISEE, Informatica or Collibra. SQL experience is must. Strong data analysis capabilities. Knowledge of industry leading data governance practices. Ability to work on complex projects and get them finished on time with high quality standards. Ability to develop people, mentoring and teaching on the job. Demonstrated strong communication and presentation skills. Demonstrated strong organization and time management skills and ability to handle multiple tasks. Education and/or Experience: Bachelor or Master degree in data analytics, computer science or related field.
25/05/2023
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Director of Data Governance. Candidate will be responsible in executing and implementing the data governance policies and procedures. Individual will be member of data team under corporate risk function having managerial responsibilities and work under the direct supervision of Head of Data. Responsibilities: Responsible for creating and developing the capabilities of the data framework as per the data road-map. Define roles and responsibilities related to data governance and work with the various business functions to strengthen data accountability and implement data stewardship. Develop the data quality framework as well as set standards for measurement that ensure that data is fit for its purpose. Work with business and technical staff to identify and implement proactive data quality monitoring and produce data quality KPIs and metrices. Responsible in strengthening the business glossary, metadata management and data lineage procedures and ensuring the regulatory compliance. Close collaboration with 2nd and 3rd LOD to ensure the timely completion of remediation efforts. Continuous improvements in the data governance capabilities to improve operational efficiencies and risk reduction. Work with the other teams and staff on complex and multi-tiered projects that data governance will be a part of. Work with the technical data team and Information Governance team on data classification and security to protect the sensitive data. Participates in business requirements gathering activities and deep dive the critical business applications to identify the data quality improvements and automation opportunities. Work with data team to plan and conduct the company wide data awareness and education campaign. Supervisory Responsibilities: Ability to develop people, mentoring and teaching on the job. Manages team of 3-5 staff. Qualifications: Bachelor or Master degree in data analytics, computer science or related field. 8+ years of related data experience in capital market domain with at least 3 years of hands-on work on data governance functional areas. Practical experience in implementing company wide data governance framework and delivering data capabilities. Experience in working with 2nd and 3rd LOD. Experience using the data governance tools like IBM ISEE, Informatica or Collibra. SQL experience is must. Strong data analysis capabilities. Knowledge of industry leading data governance practices. Ability to work on complex projects and get them finished on time with high quality standards. Ability to develop people, mentoring and teaching on the job. Demonstrated strong communication and presentation skills. Demonstrated strong organization and time management skills and ability to handle multiple tasks. Education and/or Experience: Bachelor or Master degree in data analytics, computer science or related field.
IT Security and Governance Manager (reporting into the IT Director), c£60000 - 80000+ benefits, nr Cheltenham, Gloucestershire. 4 days in the office, 1 day WFH Growing company are looking for an IT Security and Governance Manager who will co-ordinate all the IT Security compliance including Certifications such ISO 27001, Cyber Essentials and NIST. You will support the ongoing production and publication of Policies, Awareness and Risk across the business and will work with the IT Director to drive the Security strategy. The role is hands-on and you will be responsible for a team of 2 (Cyber Analyst and Data and Governance Manager). Responsibilities Include - Manage the compliance Portal. Manage supplier engagements based on IT Security Certifications and to drive improvements where required. Manage the relevant Certifications. Primarily ISO 27001, Cyber Essentials and NIST 800-171 (ISO 27001 critical, training available for NIST). Contribute to awareness activities. Supporting the management of Risk. Supporting the daily maintenance activities and response where necessary. Policies, Awareness and Risk across the business Experience Required - Previous knowledge and responsibility for ISO 27001. Knowledge or a willingness to learn Cyber Essentials and NIST. Data Protection or similar compliance qualification. Understanding of Risk Management methodologies. Experience of creating and managing an ISMS. Demonstrable knowledge of Policy production, management and promulgation. This is a great chance to join a global company that is going through an exciting period of growth and expansion. If you have the required skills and experience please send your CV for a full brief. This role is based in the Cheltenham/Gloucester area and requires 4 days a week in the office. Salary is negotiable but is likely to be c £60000 £80000 + benefits. If you have the skills and experience and are interested in this position please send your CV for a full brief or call James Wallace for a confidential conversation.
24/05/2023
Full time
IT Security and Governance Manager (reporting into the IT Director), c£60000 - 80000+ benefits, nr Cheltenham, Gloucestershire. 4 days in the office, 1 day WFH Growing company are looking for an IT Security and Governance Manager who will co-ordinate all the IT Security compliance including Certifications such ISO 27001, Cyber Essentials and NIST. You will support the ongoing production and publication of Policies, Awareness and Risk across the business and will work with the IT Director to drive the Security strategy. The role is hands-on and you will be responsible for a team of 2 (Cyber Analyst and Data and Governance Manager). Responsibilities Include - Manage the compliance Portal. Manage supplier engagements based on IT Security Certifications and to drive improvements where required. Manage the relevant Certifications. Primarily ISO 27001, Cyber Essentials and NIST 800-171 (ISO 27001 critical, training available for NIST). Contribute to awareness activities. Supporting the management of Risk. Supporting the daily maintenance activities and response where necessary. Policies, Awareness and Risk across the business Experience Required - Previous knowledge and responsibility for ISO 27001. Knowledge or a willingness to learn Cyber Essentials and NIST. Data Protection or similar compliance qualification. Understanding of Risk Management methodologies. Experience of creating and managing an ISMS. Demonstrable knowledge of Policy production, management and promulgation. This is a great chance to join a global company that is going through an exciting period of growth and expansion. If you have the required skills and experience please send your CV for a full brief. This role is based in the Cheltenham/Gloucester area and requires 4 days a week in the office. Salary is negotiable but is likely to be c £60000 £80000 + benefits. If you have the skills and experience and are interested in this position please send your CV for a full brief or call James Wallace for a confidential conversation.
IT Security & Compliance Manager - Bath - circa £75,000 FTSE 250 company who provide FMCG products and services throughout the UK, Europe and North America require an IT Compliance manager. This position will support and drive the IT security, compliance and risk standards throughout the business. Working closely with the leadership team while reporting direct to the Vice President of IT, you will ensure policies and security controls are maintained while proactively plan and deliver on business-critical compliance and IT Audits. The right candidate will have an in-depth experience managing PCI DSS, Risk Managers and IT Audit implementing cyber governance. The Role: Manage PCI DSS regular filing, reporting and compliance Manage the introduction of Cyber Essentials Plus certification and reporting Conduct Quarterly Audit of IT to ensure process and procedures are document and being followed Conduct Scheduled Audits of external service providers in regards to compliance and contracts Manage and maintain IT contracts Manage IT risk register Ensure security policies and Embedded and audited Coordinate security tasks between the IT Security Organisation and IT Organisation Develop a plan to ensure technical security control frameworks are applied to all business-critical systems and are operating effectively through the life cycle of the system Manage 3rd party vulnerability scanning and work with internal and external teams to resolve any vulnerabilities Evaluate the security requirements of information systems and specify appropriate controls to secure the system from cyber-attack with full autonomy Oversee functional testing of cyber security controls to ensure that they are operational and effective when deployed to protect information systems. Ability to provide assurance monitoring and on-going testing of security controls to ensure that they are operating effectively. Working with stakeholders across the business to ensure controls are operating effectively and supporting the needs of the users as well as achieving security. Produce a monthly compliance report Partner with training and development to provide Cyber Security training and awareness Lead monthly Cyber Security Steering Committee The Requirement will include the following Proven experience with PCI DSS and Cyber Essentials Plus Come from an IT security compliance background or similar Ability to communicate with all levels of stakeholders and IT technical teams PCI ISA Qualification desirable Developing, documenting, and maintaining security policies, processes, procedures, and standards Security Architecture design Implementing cyber governance and security strategies Producing weekly/monthly/quarterly reports/dashboards Working with outputs of SOC tools/systems Risks associated with 3rd party supply chain Increasing security awareness, behavior, and culture This is a great opportunity to join one of the UK's leading FMCG companies in a highly visible and business critical position. The salary is a basic up to £75k with an excellent benefits package and additional bonus scheme. The role is hybrid with 2 days WFH and 3 days in the office which is near to the wonderful city of Bath (free parking)
24/05/2023
Full time
IT Security & Compliance Manager - Bath - circa £75,000 FTSE 250 company who provide FMCG products and services throughout the UK, Europe and North America require an IT Compliance manager. This position will support and drive the IT security, compliance and risk standards throughout the business. Working closely with the leadership team while reporting direct to the Vice President of IT, you will ensure policies and security controls are maintained while proactively plan and deliver on business-critical compliance and IT Audits. The right candidate will have an in-depth experience managing PCI DSS, Risk Managers and IT Audit implementing cyber governance. The Role: Manage PCI DSS regular filing, reporting and compliance Manage the introduction of Cyber Essentials Plus certification and reporting Conduct Quarterly Audit of IT to ensure process and procedures are document and being followed Conduct Scheduled Audits of external service providers in regards to compliance and contracts Manage and maintain IT contracts Manage IT risk register Ensure security policies and Embedded and audited Coordinate security tasks between the IT Security Organisation and IT Organisation Develop a plan to ensure technical security control frameworks are applied to all business-critical systems and are operating effectively through the life cycle of the system Manage 3rd party vulnerability scanning and work with internal and external teams to resolve any vulnerabilities Evaluate the security requirements of information systems and specify appropriate controls to secure the system from cyber-attack with full autonomy Oversee functional testing of cyber security controls to ensure that they are operational and effective when deployed to protect information systems. Ability to provide assurance monitoring and on-going testing of security controls to ensure that they are operating effectively. Working with stakeholders across the business to ensure controls are operating effectively and supporting the needs of the users as well as achieving security. Produce a monthly compliance report Partner with training and development to provide Cyber Security training and awareness Lead monthly Cyber Security Steering Committee The Requirement will include the following Proven experience with PCI DSS and Cyber Essentials Plus Come from an IT security compliance background or similar Ability to communicate with all levels of stakeholders and IT technical teams PCI ISA Qualification desirable Developing, documenting, and maintaining security policies, processes, procedures, and standards Security Architecture design Implementing cyber governance and security strategies Producing weekly/monthly/quarterly reports/dashboards Working with outputs of SOC tools/systems Risks associated with 3rd party supply chain Increasing security awareness, behavior, and culture This is a great opportunity to join one of the UK's leading FMCG companies in a highly visible and business critical position. The salary is a basic up to £75k with an excellent benefits package and additional bonus scheme. The role is hybrid with 2 days WFH and 3 days in the office which is near to the wonderful city of Bath (free parking)
