Website Royal Mail
RMG Cyber Security Operations primary functions are to protect information assets and detect, analyse and respond to security information and events. In support of these objectives RMG Security Operations are looking to augment their existing team through the addition of an Information Security Adviser. Your role will be to support the Information Security Lead and provide credible information security advice and guidance to projects, suppliers and business stakeholders within RMG. You may also be required to support the development of security architectures and patterns, policies, standards and participation in governance and decision-making forums.
- Effective Security Advice . The role holder will ensure that RMG projects and programmes receive timely, accurate and pragmatic security advice in support of the Information Security Lead that positions security as a business enabler not a compliance function.
- Strategic Focus . Support the Information Security Leads in providing the subject-matter knowledge and contribute to the delivery of projects and workstreams in support of business change projects and ensure that risks are identified and managed in line with the Board’s Risk appetite.
- Supply chain assurance . Able to advise on and manage SaaS and PaaS contracts and to support the incorporation of these seamlessly into RMG’s own capabilities. The role holder will support the Information Security leads in the provision of key support to others’ procurement activities as part of change programmes or BAU.
- Stakeholder management . Able to support the Information Security Leads in the engagement and influence ofstakeholders across the business with the ability to explain complex issues in simple language, and to lead the adoption of secure technologies.When a Security
- Lead is not available the advisor may be expected to engage stakeholders directly. Support the provision of subject matter knowledge and advice to RMG stakeholders on updates to policy, standards, and processes for information security and protection, to align with organisational priorities and risk appetite.
- Good knowledge of Cybersecurity practices within a commercial environment.
- Demonstrable experience of providing security advice in complex business environment.
- Working knowledge of data management, data security and the demands of GDPR and the UK Data Protection Act.
- Good knowledge and understanding of technology procurement and vendor technologies.
- The will to succeed in support of the business’ goals and to align potentially competing agendas to effectively manage Cybersecurity risk within the business risk appetite.
- Willingness to learn and develop, together with the patience and resilience to overcome change inertia.
- Sound understanding of Software development practices and Secure Development Lifecycle (SDLC).
- Demonstrable understanding of current and emerging technologies and their security features, together with experience of securing legacy systems approaching end of life.
Qualification & Experience:
- Any recognized security related qualifications would be an advantage if already held Working towards, CISM, CRISC, CIPP, CISA would be advantageous
- ITIL or related qualifications a bonus.
Company: Royal Mail
Vacancy Type: Full Time
Job Functions: Project Management
Job Location: Leeds, England, UK
Application Deadline: N/A