- Contract Type
- Contract Type
- Full Time
- Work from home transitioning to Chorley office
As part of our growth we have an opening a for a Information Security Risk Manager.
Utiligroup is a market-leading provider of innovative technology and services to the utilities and energy industry. We are creating a more competitive utilities sector, improving our customer’s lives through better service and greater choice and guiding our clients through complex industry change. Our purpose is to make utilities smarter for everyone. We deploy our technology and talent to deliver innovation and automation through our SaaS and Business Process Management solutions from which we create actionable data analytics and insight. To date, Utiligroup has enabled a significant number of new entrant energy suppliers to enter the industry and we manage several million customers on behalf of suppliers and metering companies. Clients include a host of well-known energy providers, both UK and overseas based.
- Organise BCDR testing for the business and manage any remediation work.
- Manage, create and update information security policies, procedures and guidelines.
- Support the business to ensure information security compliance with industry regulations and data privacy laws including ISO27001.
- Support information security risk assessments using recognised methodologies, such as ISO27005.
- Monitor, configure and calibrate security monitoring tools.
- Lead investigations, reporting and remediation activities of security incidents.
- The post holder will have a broad understanding of IT technologies and knowledge in a number of key IT Security technologies such as firewalls, email filters, anti-virus, security incident and event management (SIEM) tools and intrusion detection systems.
- Research the latest information security threats and vulnerabilities.
- Monitor the patch management process.
- Monitor vulnerability scans and implement appropriate steps.
- Monitor and maintain the KCLM processes.
Working Hours & Location
Monday to Friday, 08:30-17:00 or 09:00-17:30. A minimum of 37.5 hours per week.
Limited travel to external sites will be required. Given the ongoing situation with COVID, you will initially work remotely, with dedicated support being provided by a senior developer by way of Zoom, Slack, Phone, Screensharing etc. However, our ultimate goal will be to return to our Chorley based office in the coming months, which is where you will be based. However, there will still be an option of working remotely when this happens, but it will be subject to successfully completing the probation period, which is 6 months.
Experience & Skills
- Knowledge of ISO27001 Information Management System implementation.
- Security risk assessment and treatment using recognised methodologies (ISO 27005).
- Knowledge of security Incident event management and monitoring.
- Working to tight deadlines.
- Analytical thinking and attention to detail.
- Good communication skills, both written and verbal.
- ISO9001/ISO27001 Lead Auditor
- IT and networking skills
- Formal security qualification, such as CISM or CISSP, either certified or working towards
- Awareness of BCM
- Supporting penetration and security vulnerability tests
- Security threat monitoring and management
- Smart Energy Code / Smart Metering security requirements
- ISO Responsibilities
- ISO Staff Awareness
- Follow IMS Policies
- Reporting of Incidents