
Security Risk and Consulting Manager

Business Role Type: Business Support Role
Business Support Departments: Security
Location: Cardiff
External Closing Date: 13/12/2019

This vacancy has now expired, and is not accepting any new applications.


We are currently recruiting for a new senior-level role within our Information Security department - we are looking for a Risk and Consulting Manager. The role is intended to manage and improve the overall risk management and advisory services of the security department and ensure that current and future cyber risk exposure is minimised through effective mitigation activity.

About the Team

The Risk and Consulting capability sits within the Security Risk and Governance Team.

The team is ready to move to the next level of maturity for Information Security Governance and Risk Management, with a set of defined processes.

Job Purpose

The successful candidate will be responsible for the management of the Risk and Consulting team. They will need to ensure accurate reporting and management of asset information, dataflows and mapping, business impact assessments, resilience requirements, vulnerability and threat intelligence information, and all risk assessment, risk management, and advisory processes.

They will ensure that the Consultants are correctly preparing business impact assessments, and other key information required, to carry out a full risk assessment effectively and accurately.

They must also be aware of the legal and regulatory requirements of the organisation for reporting and management of risks, ensuring alignment with broader operational risk management processes.

The successful candidate will also be responsible for optimising risk management processes across the Security department.

Main Duties

The Risk and Consulting Manager will mentor and advise on the development and implementation of risk assessment and management processes. They will:

  • Identify sources of threat, vulnerability, likelihood, and impact information used to determine risk
  • Ensure appropriate technical risk responses are identified and prioritised
  • Establish and operate an appropriate risk management methodology and associated processes
  • Ensure information risk management processes are aligned with the wider organisational risk management approach
  • Build effective relationships with stakeholders from the wider Admiral community to establish the team as a trusted advisor in information risk management
  • Implement security within contracts with suppliers and third-party partners
  • Manage the assessment of suppliers and third-party partners using audits, test results, or other forms of evaluations to confirm they are meeting their obligations to protect Admiral’s information assets
  • Conduct response and recovery planning and testing with suppliers and third-party providers
  • Ensure the work of the Technical Security Consultants is of high quality

Experience and Qualifications Required

The Risk and Consulting Manager will have considerable experience in risk management, be familiar with control sets and risk assessment methodologies, and be able to structure these into risk management frameworks. The ability to communicate effectively with key stakeholders in IT is required; a technical background is therefore essential for this role. Additionally, the successful candidate should have proven experience in leading a team.

Essential Skills

  • Knowledge of risk management methodologies and control frameworks
  • Security architecture and/or design experience
  • Technical knowledge of security, with the ability to demonstrate practical application of controls
  • Strong attention to detail, with excellent analytical skills
  • Ability to communicate constructively and confidently and work well with others

Desirable

  • Degree in a technical discipline
  • CRISC, CISM or CISSP

About Admiral

Our success goes hand-in-hand with having a strong culture. Our philosophy is simple yet effective: people who like what they do, do it better. Our culture is honest, open and wholeheartedly focused on four key areas: Communication, Equality, Reward & Recognition, and Fun.

The Recruitment Officer looking after this role is Valvanuz Guerrero. If you’d like to know any more about the position, please feel free to drop her an email at Valvanuz.GUERRERO-PEREZ3@admiralgroup.co.uk or give her a call on the Recruitment line - 0800 118 1619.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We understand that a good work-life balance is important, and we want you to have an element of freedom to define a working lifestyle that supports this. We are happy to talk about flexible working. Please ask your Recruitment Officer for more information.

 
