Digital Safety Risk Manager

Date Posted: 16 Sep 2022
The purpose of the role is to ensure the organisation's cyber risks are mitigated through the establishment of sound Information Security risk assurance practices, including ensuring that cyber risk appetite is maintained and that projects are managed within appetite.

JOB ACCOUNTABILITIES

  • Line manage, lead and develop a team of high-performing Information Security Risk Specialists.
  • Work with the Head of Digital Safety Assurance to define and maintain a set of capabilities for Digital Safety Risk Assurance.
  • Create, maintain and update as necessary the Digital Safety risk register, providing reports to the Head of Digital Assurance, the CISO and Head of Risk and Audit as required.
  • Have a "line of sight" into the Audit Committee, Safety Committee, AMB and Board on Digital Safety risk related matters.
  • Work with the Head of Digital Safety Risk Assurance to build and mature our Digital Safety Risk Framework, including standardised processes and procedures for risk assessment, reporting and escalation.
  • Operate the Digital Safety risk assessment process, providing recommendations for process improvements to the Head of Digital Assurance.
  • Provide assurance to stakeholders that Digital Safety control performance is adequate to manage Digital Safety risk within our agreed risk appetite.
  • Liaise with and offer strategic direction to related cyber and information risk functions (such as Physical Security/Facilities, Risk Management, IT, HR, Engineering, Legal and Compliance), plus senior and middle managers throughout the organisation as necessary, on information security risk matters such as routine risk assurance activities, emerging security risks and control technologies.
  • Act independently of the IT function, reporting risk and control issues where necessary directly to the Head of Digital Assurance, CISO and Head of Risk and Audit, and providing assurance that mitigation activities are fit for purpose.
  • Recommend new controls as necessary to manage, mitigate and reduce Digital Safety risk.
  • Provide expert support to the DPO and build strong relationships with external Cyber and Info security bodies of excellence (e.g. NCSC) to the benefit of the business.
  • Review, challenge and track the implementation of risk mitigation treatment plans arising from a risk assessment, ensuring that there is appropriate management focus for high and critical risks.
  • Own 3rd party cyber risk mitigation.
  • Manage suppliers as required to deliver outsourced capabilities.
  • Manage our third-party Digital Safety risk assurance programme, ensuring that our partners and suppliers manage Digital Safety risk in line with our expectations. This includes ensuring that we have appropriate contractual clauses in place with our partners and suppliers.
  • Support the Information Security Incident response process as required, tracking information security incidents to ensure risk mitigation controls are appropriate and that exposure is minimised.
  • Produce and disseminate Management Information in relation to Digital Safety Risk.
  • Assist with the preparation of material for periodic Information Security Groups (such as the Cyber Risk Action Group, Digital Safety Assurance Forum and Digital Safety Board).
  • Serve as a quorate member of the Digital Safety Assurance Forum, and attend the Digital Safety Board as required.
  • Support the wider Digital Safety team and the business at large in building a 'just culture' of Digital Safety.
  • Work with the Head of Digital Assurance and our HR team to ensure that the team is adequately resourced and skilled to meet demand.

KEY SKILLS REQUIRED

  • Significant experience in information security management and/or related functions (such as IT audit and IT Risk Management).
  • Information security management qualifications such as CISSP or CISM, or significant proven expertise in this area.
  • High standards of personal integrity (demonstrated by an unblemished career history), and willingness to undergo vetting and/or personality assessments to verify this if necessary.
  • Hands-on team leadership and management experience.
  • Typically, a background in technical IT roles or Cyber/Infosecurity related roles such as IT architecture or Cyber regulatory, development or operations, with a clear and abiding interest in information security.

  • Job Reference: 714018564-2
  • Date Posted: 16 September 2022
  • Recruiter: Networkers Technology
  • Location: London
  • Salary: On Application
  • Sector: Transport & Logistics
  • Job Type: Permanent