We are working with an oil and gas firm looking for an Information Security Manager to help build out this new and improved security department. This role is a mixture of GRC, Assurance, and technical skills where you will liaise with all business areas to promote security efficiency.
Given the nature of the threats you will be dealing with, the ideal applicant should have experience in a Critical and National Infrastructure background, not just energy or oil and gas; we will also look at applicants with a telecoms background.
Previous experience in managing a team is required as you will be involved in growing the team. You will also be liaising with senior stakeholders in the firm in both IT and the business.
- Maintenance of Security policies and standards in line with business appetite and regulation.
- Reviewing architectural designs and artefacts
- Lead as the security SME for several high-profile, large budget programmes of work within IT.
- High-level review of third-party risk/vendor risk and review policy and processes where necessary
- Recruit and grow the security team and leading in the interview and selection process.
You will have
- A background in any of the following industries: Manufacturing, Energy, Nuclear, Logistics, telecoms or other Critical & National Infrastructure
- Experience of industrial or critical and national infrastructure regulation
- An understanding and knowledge of cloud technologies, AWS, Azure, or GCP
- Experience of managing a team or mentoring staff
- Controls / Frameworks- mixture of: ISO27001, MITRE, SCADA IoT, OT, Industrial Controls Systems, SCADA, NIS Regulation, NIS Directive.
- Security or Risk certifications
This role reports to a knowledgeable and supportive CISO, and you will have a high level of autonomy.
This role is urgent, and interviews can commence swiftly.