Denholm Associates
Job Description
Denholm are delighted to be working in partnership with a recognised and established energy and renewables company based in the heart of Glasgow, who are looking for three cyber security leads to support the delivery of their dynamic cyber assurance and resiliency programme.
The three focus areas for the roles include:
- Supplier Risk: Your primary focus will be ensuring the security of our third-party supply chain. You'll conduct risk analysis, maintain a supplier inventory, and develop contingency plans for supplier unavailability.
- Cyber Risk: Dive into data security and data loss prevention controls while maintaining a catalogue of sensitive data.
- Operational Security: Enhance our incident response capabilities with incident playbooks, simulations, lessons learned, and comprehensive training on security incidents.
Your Impact:
Join a team of dedicated cybersecurity professionals, where you will lead and manage cybersecurity initiatives. Your responsibilities include planning, directing, and controlling cyber security business operations, utilising resources efficiently, and initiating corrective actions as needed to ensure the success of the cyber security function.
You will be contributing to various cyber security functions, such as 3rd party management, data management, response & recovery, and training and awareness plans. You will be an integral part of the wider global cyber security team, bolstering the cyber security posture and safeguarding their systems and data against cyber threats.
What You'll Be Doing:
- Identify, assess, quantify, report, communicate, mitigate, and monitor security incidents.
- Ensure compliance with policies, processes, and procedures while driving process improvements to achieve operational objectives.
- Revise and enhance processes to strengthen their current Cyber Security posture.
- Review third-party supplier arrangements, highlighting security challenges.
- Manage data effectively, administer risk management activities, and maintain assurance frameworks to optimise control effectiveness.
- Orchestrate and integrate security services and platforms to maximise coverage and usage.
What You'll Bring:
Our client are seeking candidates who are degree-educated and possess technical expertise in security operations. You should have awareness of key legislation and regulations affecting IT control requirements in the energy utility sector (nice to have). Previous experience in planning, managing, and controlling cyber security functions and operations, particularly within energy utilities (distribution and transmission of electricity), is advantageous.
Technical Skills:
- Proven experience in managing Cyber Security, ideally with industry-renowned information security qualifications such as CISSP, CISM, BCS ISMP, or equivalent.
- Experience in managing cyber security in IT environments with both internal and external service provision, especially in continuous cyber monitoring and incident response.
- Proficiency in driving continuous cyber security improvement activities, with a strong working knowledge of ISO/IEC 27001/27002 and ISMS creation/maintenance.
- Familiarity with security platforms such as SIEM/SOAR, XDR, and Vulnerability Management is advantageous.
Personal Skills/Abilities:
- Strong tactical and strategic thinking abilities.
- Effective leadership and communication skills.
- Problem-solving prowess with a track record of negotiating successful outcomes.
- Strong relationship-building skills with key stakeholders locally and globally.
- A global perspective and multicultural approach.
- Proficiency in negotiation, facilitation, and consensus-building.
This role requires 2 days a week in their Glasgow office.
If you feel this sounds like an exciting opportunity and would like to hear more, please send in an up-to-date CV which showcases your skills and experience for the role.