Information Security Compliance Lead

at  Morgan McKinley

This is a great opportunity to become a key member of our clients Cyber Security Team ,responsible for ensuring efficient cyber operations across the organisation, monitoring and implementing security controls and capabilities, and supporting security design activities, ensuring alignment to leading industry, legal and regulatory standards and requirements. The team play a key role in embedding IT/OT security practices across processes, procedures and culture and acts as subject matter expert for the Head of IT, on all IT security related matters and issues across the enterprise.
Reporting to the Information Security Manager, the Information Security Compliance Lead will be responsible for developing, updating and managing the information security compliance program. This role will focus to ensure that the business adheres to relevant regulatory requirements, industry standards, and internal policies to safeguard sensitive information and maintain a secure operating environment.

REQUIRED SKILLS:

• Relevant third level qualification and or accreditation is desirable
• A minimum of 5 years’ experience in utilities or similar industries is desirable and or relevant experience
• Ability to develop and maintain effective strategic partnerships with key stakeholders internally and externally
• Proven track record with dealing with complex issues, proactively and in a timely fashion along with the ability to communicate information to others
• Highly motivated individual, working to the highest professional standards and with proven ability to deliver results
• Strong analytical skills and ability to identify and analyse problems and potential improvements, and propose and implement solutions
• Demonstrate adaptability and the ability to change focus and direction in line with business strategy and requirements
• Proactively identifying new areas of improvement and using newly gained knowledge and skill on the job
  Morgan McKinley is acting as an Employment Agency and references to pay rates are indicative.

KEY RESPONSIBILITIES:

• SME knowledge of laws, regulations, and industry standards related to information security; e.g., NIST, NISD, NIS-2
• Articulate, interpret and communicate regulatory requirements to key stakeholders.
• Work on multi-disciplinary areas e.g., technical, legal and compliance teams to ensure alignment between legal, compliance and security requirements.
• SME knowledge and maintaining information security policies, procedures, and guidelines.
• Update and work with stakeholders to enforce policies across the organisation, including both IT and OT environments.
• Conduct regular reviews to ensure policies remain current and effective.
• Conduct risk assessments to identify potential threats and vulnerabilities relevant to IT/OT, monitor and report on risk management as appropriate.
• Coordinate and participate in internal and external audits.
• Facilitate remediation efforts based on IT/OT Security audit findings.
• Maintain accurate and up-to-date documentation of compliance activities.
• Generate regular reports for senior management and stakeholders on compliance status.
• Prepare and submit required compliance documentation to regulatory bodies.
• Compile monthly IS KPI’s and metricsLiaise with the IT/OT security operations teams to assess the vulnerability of systems and infrastructure to information security threats