Security Risk Manager
About The Position
As a Security Risk Manager, you will oversee ESO's risk management framework to ensure that security threats are properly evaluated, tracked, and minimized to the extent possible. Our customers, regulators and stakeholders depend on our ability to protect customer data, so we need to be able to demonstrate our security posture at all times. ESO's software is in demand globally by firefighters, paramedics, hospitals, and governments. To meet this demand, we are improving our vulnerability assessment processes to protect our customers and data from a variety of fast-moving and constantly evolving threats. In this capacity, you will report to the Director of Security Compliance within our Security and IT Team. You will play an integral role in the transformation of the Security Compliance function working across all products, systems, and technologies. Our security team members have a high degree of autonomy and are part of a high functioning, motivated and forward-thinking team. You have the chance to join a growing and passionate team, working on critical products, whilst being supported with training opportunities and mentoring.
Requirements
- 5+ years' experience in technology security management, risk management, IT operations, and/or technology-related consulting.
- Experience conducting security risk assessments.
- Good analytical skills and ability to evaluate the likelihood and impact of identified risks.
- Great communication skills to be able to communicate with technical and non-technical stakeholders.
- Proven ability to coordinate and influence large groups, including strong planning & project management skills.
- Understanding of Microsoft Azure.
- You should also have a passion for what you do and understand how your work impacts ESO's success.
Nice To Haves
- Experience working with governance, risk, and compliance (GRC) tools and/or platforms such as LogicGate.
- Security qualifications (CISSP, CRISC, CISM, CISA).
- Detailed knowledge of the NIST 800-53 security and privacy controls.
- Experience working with the Atlassian product suite (Jira and Confluence) for collaboration.
Responsibilities
- Developing, implementing and maintaining a cyber risk management and control framework.
- Conducting risk assessments to understand, quantify and articulate the inherent and residual risk positions against a risk appetite position.
- Overseeing and reporting on the risk remediation plans required to enhance controls.
- Ensuring our risk function is compliant with NIST SP800-53 and SOC 2 obligations.
- Educating ESO colleagues on how to measure and document control effectiveness.
- Working with a range of teams to test control function adequacy and compliance.
- Defining and implementing appropriate reporting metrics to demonstrate risk management.
- Be in the detail, working shoulder-to-shoulder with our technology teams.
Benefits
- Life insurance (4 x base salary)
- Income protection insurance
- A generous pension contribution
- Private medical insurance including optical and dental
- A health cash plan
- Modern City Centre office and a flexible hybrid working policy
- AwardCo Recognition Program
- Enhanced paternity leave and pay, enhanced adoptive pay, enhanced maternity pay - 12 weeks full pay after 6 months' service.
- Enhanced short and long-term sick pay
- 25 days holiday which increases year on year until you reach 5 years of service + 14 additional days
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
