IT Security GRC Executive
London – Hybrid Working (4 days fortnightly)
6month initial contract (Inside IR35) 
 
A global investment management firm are looking for an IT Security GRC Executive to join on a contract basis. You would be joining a small, multifunctional team who tend to have more than one role across the business closely collaborating with each other. As the team grows, they require more structure and segregation of duties.
You would be reporting into the Head of Security and be responsible to develop, implement, and manage an Information Security Management System (ISMS) control framework based on an industry-recognised standard. You  will ensure the Group’s compliance, risk and audit controls for IT security are in place.
 
Responsibilities:

• Ensuring an ISMS is developed, implemented, and maintained
• Ensuring that the controls, standards, policies, and processes are in line with a recognised information security framework and the expectations of the Financial Conduct Authority now and in the future.
• Undertaking both internal and third-party information security risk assessments
• Collaboration with other teams inside and outside of IT as required to support the development of the security awareness programme.
• Contribution to the continued development of the overall Security model and strategy.
• Act as deputy for the Head of Security as required. 

You will need:

• Previous experience in similar post is essential, ideally within a Financial Services (Private Equity/Investment Management/Investment Banking) or NGO organisation, as that experience will contribute to building the structure and discipline for this function.
• Capable of communicating equally well with business users and technical professionals at all levels.
• Previous experience of developing and implementing an Information Security Management System aligned to a recognised international standard (ISO27001, NIST, etc.).
• Prior experience of deploying and managing an information security awareness programme.
• Previous experience conducting information security risk assessments, gap analysis, and supporting internal and external audits.
• Knowledge of standard relevant best practice frameworks
• Excellent reporting and presentation skills
• Experience of supporting information security change in an international environment is desirable

A great opportunity to join a company going through a growth period, providing expertise and knowledge within their security team.

Cornwallis Elt is an Employment Agency & Employment Business and has been listed 3 times in The Sunday Times Virgin Fast Track 100 of the UK`s fastest growing private companies, as well as in the Recruitment International Top 250, Top 50 in IT and the Recruiter Fast 50 & Hot 100 reports.