Technology, Resilience & Information Security Risk Manager
Remote, GB
Atos
We design digital solutions from the everyday to the mission critical — in artificial intelligence, hybrid cloud, infrastructure management, decarbonization and employee experience.
*This position is a Remote Working position (occasional travel may be required) and requires SC clearance, meaning 5 complete years residency in the UK up to present date.
Atos are Europe’s top choice for cybersecurity, cloud, employee experiences, digital technology & transformation services. We deliver tailored, secure, and sustainable end-to-end digital solutions worldwide, powering the success and impact of global businesses for their clients and society at large.
The role will reside in the Atos BTS Risk & Assurance Directorate, which provides oversight and assurance services to established Aegon and Royal London clients, for which Atos provide both operational and technology services, and to the NS&I account, which is currently going through an Exit and Transformation programme that includes the offboarding of services and the transformation of key IT services. For further reading please refer to NS&I’s website on project Rainbow.
Your job in a nutshell:
The individual will be a prominent member of the Risk Team, being the subject matter expert for security, operational resilience and technology related risk assessment and oversight, and monitoring adherence to policies/standards.
The role holder will support the Aegon, Royal London and National Savings & Investments accounts overseeing business as usual activities as well as change and transformation work.
This role is pivotal to ensuring Atos mitigate the risk of Technology and Information Security incidents and provide assurance and oversight for the business in its current state and as it changes.
What will you be doing:
The key objectives of the Technology, Resilience and Information Security Risk Manager include:
- Risk Management – Monitoring of Technology, Resilience and Information Security business areas and highlighting key risk trends, evaluating risks and opportunities for improvements, and communicating these to senior stakeholders where necessary.
- Governance – Attending governance meetings to oversee risks (including horizon risks), key processes and events within allocated business areas to ensure that strategic, tactical and regulatory obligations are met.
- Stakeholder Management – Building and developing long-term relationships with senior stakeholders both within the business and with our clients.
- Change – Undertaking oversight of significant change initiatives, to ensure that the risks on delivery into BAU are clearly understood and mitigated.
- Assurance – Leading a portfolio of Technology, Resilience and Information Security related assurance engagements across our business and third parties, including effective people management and working seamlessly and collaboratively with colleagues in other parts of the business and client site.
- Advice & Guidance – Contributing to the latest thought-leadership and industry research relating to Technology & Information Security issues, including organisational crisis and response management to cyber issues.
- Training & Awareness – Creation and delivery of training and awareness sessions.
- Reporting – Developing Risk reports and embedding within business processes.
- Horizon Scanning – Scanning the internal and external environment for security related threats and reporting of the same.
Requirements:
- At least 3-4 years’ experience in one or more of the following areas: Information Security, Technology Governance, Operational Risk, Technology Audit, Technology Infrastructure or Application development and preferably a background in Data Privacy and Risk Management.
- Experience in handling large, complex organisations.
- Experience of Risk Management practices including Risk Control Self-Assessment.
- Experience of Industry Technology Standards and Certificates.
- Self-starter who can work independently, with the ability to take complex tasks and deliver outcomes.
- A broad range of cyber experience, likely including experience across a number of areas such as certifications (such as ISO27001 or SOC2), advanced threat readiness and protection, application protection, identity and access management, incident response, information privacy and protection, cyber risk analytics, vulnerability management.
- Good understanding of the FCA’s Operational Resilience requirements set out in the FCA policy statement PS21/3.
- Strong commercial awareness and business acumen, including specifically a good understanding of technology and cyber risk to both business processes and supporting technology.
- Strong interpersonal skills and experience of developing strong client relationships, either as a consultant or demonstration of significant influencing abilities within an organisation and demonstrable ability to solve complex problems objectively, using an appropriate combination of analysis, experience and judgement.
- Delivery of high-quality complex projects including effective programme, project, financial and people management.
- Excellent communication skills and the ability to communicate highly complex concepts effectively both written and verbal, appropriately tailored to people from a very wide range of cultures, technical backgrounds and seniorities.
- Ability to analyse internal and external processes and integration to understand risk.
- Experienced in risk management methodology and Incident Management.
- Experience in collaborating with a team of security experts in a diverse set of security topics including, but not limited to, security architecture, financial controls and regulatory compliance, identity and access management, penetration testing, data loss prevention, network security, security monitoring, and building secure systems.
- Understanding of relevant audit and control standards and the ability to drive and maintain the compliance initiative across the organization.
Rewards and benefits:
- 25 days annual paid leave;
- Participation in Annual Bonus Scheme;
- Car Allowance;
- Private medical care;
- Pension contributions up to 10%;
- Flex benefits program;
- Wellbeing programs & work-life balance - integration and passion sharing events;
- Courses and certifications opportunities.
As a Disability Confident employer, we encourage applications from all applicants, especially differently abled applicants. We aim to ensure that those who meet the minimum criteria for this position will be offered an interview. We are committed to making reasonable adjustments to the application and assessment process to accommodate your needs. If you would like to discuss this further, please contact us via our dedicated mailbox: UK-Recruitment-Support@atos.net
Recruiter Contact:
Please write directly to Diana Yurukova on LinkedIn https://www.linkedin.com/in/diana-yurukova-2a91a363/
*If you require additional support with the recruitment process, please let us know during the application process.
Tags: Analytics Clearance Cloud Compliance Governance IAM Incident response ISO 27001 Monitoring Network security Pentesting Privacy Risk assessment Risk management SOC 2 Vulnerability management
Perks/benefits: Medical leave Salary bonus Team events