Compliance and Governance Manager
Manchester
Time Type: Full time
Salary: £50,000 - £60,000
Area of Business: Risk Audit & Compliance, IT
Location: Manchester - Wythenshawe Concord Bus Pk Threapwood R
Job ID: 00024384
About the role
What is the job?
We are looking for a Compliance and Governance Manager to join our Technology function. They will be accountable for providing compliance and governance guidelines and advice across all areas. This includes taking key decisions in compliance standard control mitigation, developing evidence scope with the business unit senior managers and representing departments at Director level to ensure business units are ready for certification audits.
Carry out regular operational reviews of the business units in the division to ensure certification is maintained and work with business units to raise appropriate risks and ensure these are captured in the central register.
In doing so, the role protects the confidentiality, integrity and availability of all informational assets and systems. It delivers effectively through the understanding and provision of guidance and monitoring related to regulation, legislation, international standards and industry best practice for information security.
What will you be doing?
This is an interesting and varied role, which will keep you busy day-to-day on all manner of activities. You will have a strong knowledge of the governance/compliance standards that apply to each Business Unit and be aware of the current status of compliance against those standards (including 27K, CAS-T, Encryption Overlay, PCI), and you will identify and manage the actions required to ensure compliance with the required governance standards.
You will operate the information security management system framework across and develop, implement and monitor security policies and security controls in accordance with recognised best practice and in line with ISO27001.
As the Compliance and Governance Manager you will be the subject matter expert to the division and support a wide range of projects to ensure information security is embedded appropriately.
You will also undertake assessments of proposed technical architecture changes to ensure they are of the highest standard, respond to security incidents and breaches, conduct investigations, report results and recommend mitigation strategies.
You will be required to create a consistent approach to documentation, documentation repositories, evidence capture and compliance action management, and ultimately be the single point of contact between Group Security, Internal Audit, Security and technology business units. You will run and attend regular meetings with the aforementioned groups to ensure that our Executive team are aware of the latest security issues, standards and requirements (i.e. CAS-T).
You will create a Governance Assurance Pack for each critical Business Unit which will contain all pertinent information relating to that Business Unit's compliance status, providing clear advice for these using knowledge of the standards controls and support for Business Units both prior to and during an audit as required.
Are you right for the role?
To be successful in this role the right applicant will have:
- Broad knowledge and understanding of internal and external compliance disciplines, including SOX, PCI, CAS-T, Encryption Overlay, ISO27001:2013 and 20k
- Willingness to undertake BPSS / SC clearance is required
- Broad knowledge and understanding of business functions with particular emphasis on operational processes and support
- Familiar with the methods and techniques for risk management and business impact
- Strong senior stakeholder and customer management skills
- Minimum 5 years' previous technical experience gained within a large commercial environment
- Strong analytical and (re-)structuring skills
- Operational process development skills and experience
- Ability to agree and formalize standards across diverse and dynamic teams
What to do now?
If this sounds like a great next step in your career then click apply to send through your profile.