Operational and Information Security Risk Manager
united kingdom
About MPCH
MPCH is not just another workplace; it's a hub of innovation in the security and technology space. As part of our team, you will be at the forefront of developing and utilizing cutting-edge products that shape the future of information security. Our environment is one where innovative ideas are welcomed and rapidly transformed into reality, supported by the latest advancements in technology.
We pride ourselves on being pioneers in the industry, constantly pushing the boundaries of what is possible in security and operational technologies. By joining MPCH, you will have the unique opportunity to contribute to projects that are at the leading edge of today's technology landscape. Our commitment to excellence and innovation provides an ideal setting for professionals looking to make a significant impact and grow their skills in a cutting-edge, dynamic environment.
Join us at MPCH, where your work is not just about meeting the security needs of today but about innovating for the challenges of tomorrow.
About the Role
Join our team as the Operational and Information Security Risk Manager and collaborate directly with the Head of Information Security and Risk. You will be pivotal in designing and implementing a comprehensive Enterprise Risk Management (ERM) strategy that addresses all business aspects, focusing on Information Technology systems, services, networks, and applications.
Responsibilities:
Develop and execute a threat and risk-based approach, enhanced by continuous assurance, to accurately report the security posture across all IT domains.
Champion and ensure the adoption of robust, risk-based security measures and compliance frameworks within our organization, particularly focusing on proactive risk identification and mitigation strategies.
Serve as a leading risk advisor within the organization, offering expert guidance while coordinating closely with both internal and external stakeholders to address security risks and operational challenges.
Provide informed, risk-based advice and guidance across all IT services and systems, supporting diverse functions and teams to bolster security and operational integrity.
Engage in proactive identification, management, and mitigation of operational risks, while seizing opportunities to benefit the organization and meet business objectives.
Facilitate and enhance operational risk management capabilities across various levels of the organization through strategic facilitation, tailored material, and innovative delivery methods.
Establish and maintain systems to define, monitor, and analyze operational risk profiles, ensuring effective control strategies and evaluation of control effectiveness.
Collaborate extensively with both internal and external risk management stakeholders to integrate best practices, knowledge, and innovative processes into our risk management framework.
Qualifications:
Proven experience in operations information security risk management or a relevant honours degree (or equivalent professional experience). Certifications in CISSP, CSIM, or CRISC are highly desirable.
Comprehensive understanding of technical, organizational, and procedural controls, with a broad knowledge of the information security tools and vendor landscape.
Familiarity with key information security standards including ISO27001, NIST CSF, COBIT, and relevant legal frameworks such as GDPR.
Exceptional influencing and relationship-building skills, necessary for the development and implementation of effective risk treatment plans.
Strong analytical capabilities with the ability to communicate complex technical information effectively, both verbally and in writing, to both technical and non-technical audiences.
Benefits:
Salary range £55-60k (equivalent of $68-75k USD), dependent upon experience.
Stock options.
Opportunity to work with cutting-edge technology and make a real impact on a growing company.
Collaborative and supportive work environment.
To Apply:
If you are a highly motivated and results-oriented individual with a passion for information security, we encourage you to apply for this unique opportunity! Please submit your resume and cover letter directly via LinkedIn.
*No Agencies / Only Applicants Legally Able to Work in the UK*