10 months ago
We have a brand-new role to fill within our Security department: The Risk and Consulting Manager is a Senior level role within the Admiral Group Security department. The role is intended to manage and improve the overall risk management and advisory services of the Security department and ensure that current and future cyber risk exposure is minimised through effective mitigation activity.
About the team
The Risk and Consulting capability sits within the Security Risk and Governance team.
The team is ready to move to the next level of maturity for Information Security Governance and Risk Management with a set of defined processes.
The Risk and Consulting Manager is responsible for management of the Risk and Consulting team. They will need to ensure accurate reporting and management of asset information, dataflows and mapping, business impact assessments, resilience requirements, vulnerability and threat intelligence information, and all risk assessment, risk management and advisory processes.
They will ensure that the Consultants are correctly preparing business impact assessments and other key information required to carry out a full risk assessment effectively and accurately.
They must also be aware of the legal and regulatory requirements of the organisation for reporting and management of risks ensuring alignment with broader operational risk management processes.
The Manager will also be responsible for optimising risk management processes across the security department.
The Manager will mentor and advise on the development and implementation of risk assessment and management processes. They will:
* Identify sources of threat, vulnerability, likelihood, and impact information used to determine risk
* Ensure appropriate technical risk responses are identified and prioritised
* Establish and operate an appropriate risk management methodology and associated processes
* Ensure information risk management processes are aligned with wider organisational risk management approach
* Build effective relationships with stakeholders from the wider Admiral community to establish the team as a trusted advisor in information risk management
* Implement security within contracts with suppliers and third-party partners
* Manage the assessment of suppliers and third-party partners using audits, test results, or other forms of evaluations to confirm they are meeting their obligations to protect Admiral’s information assets
* Conduct response and recovery planning and testing with suppliers and third-party providers
* Assure the quality of work of the Technical Security Consultants within the team
Experience and Qualifications Required
The Risk and Consulting Manager will have considerable experience in Risk Management, be familiar with control sets, risk assessment methodologies and be able to structure these into risk management frameworks. The ability to communicate effectively with key stakeholders in IT is required, therefore a technical background is essential for this role. Additionally, the role holder should have proven experience of leading a team.
* Knowledge of risk management methodologies and control frameworks
* Security architecture and/or design experience
* Technical knowledge of security, with the ability to demonstrate practical application of controls
* Strong attention to detail, with excellent analytical skills
* Ability to communicate constructively and confidently and work well with others
* Degree in a technical discipline or equivalent experience
* CRISC, CISM or CISSP
The Recruitment Officer looking after this role is Jessica Sutton. If you have any questions about the position, please feel free to drop her an or give her a call on the Recruitment line.
Our success goes hand-in-hand with having a strong culture where we put our people and customers first. Our philosophy is simple yet effective: people who like what they do, do it better, and this in turn, means that our customers receive the level of service and products that they deserve. Our culture is honest, open and wholeheartedly focused on four key areas: Communication, Equality, Reward & Recognition, and Fun.
At Admiral, we are proud to be a diverse business where we put our people and customers first. We understand that a good work life balance is important, and we want you to have an element of freedom to define a working lifestyle that supports this. We are happy to talk about flexible working. Please ask your Recruitment Officer, Jessica Sutton, for more information.