Location
Oxford, Oxfordshire | United Kingdom
Job description
PSI is a leading Contract Research Organization with more than 25 years in the industry, offering a perfect balance between stability and innovation to both clients and employees. We focus on delivering quality and on-time services across a variety of therapeutic indications.
This position is remote or office-based in the UK.
The IT Risk Manager is responsible for participating in the development and enhancement of PSI-wide technology risk assessment programs and for staying abreast of the regulations, rules, and requirements to which PSI is subject. Other tasks will involve:
- Ensuring compliance with applicable information security standards and regulations.
- Leading interviews/walkthroughs with key stakeholders to establish an understanding of the controls that exist within IT systems and to ensure that relevant controls are accurately documented.
- Leading device assessments and gathering specific information across various infrastructure components to allow for risk assessment, design assessment, and control operating effectiveness testing.
- Collaborating with stakeholders, both IT and non-IT, to execute assigned duties.
- Partnering with key stakeholders to identify and assess proposed plans to remediate issues and/or deficiencies identified during risk assessments.
- Informing key stakeholders of assessment results based on the procedures performed, and the impact those results have on PSI.
- Leading customer IT audits and questionnaires.
Qualifications
- Degree in Computer Science, Information Systems, or Information Technology
- One or more technical security certifications (CISSP, CISM, CISA, CRISC, CGRC)
- Minimum of 5 years of experience with IT audit, information security, IT governance and/or IT risk management.
- Experience in risk and control assessments.
- Experience building, maintaining and operationalizing IT risk metrics.
- Proficiency in the following areas: networking, cloud computing, vulnerability management, Identity and Access Management tools, Active Directory, Privileged Access Management, Multifactor Authentication and Single Sign-On concepts, baselines, security monitoring, change management, asset management, incident response, SSDLC, encryption.
- Proficiency in risk frameworks such as NIST, COBIT, or ISO.
- Proficiency in information security management systems and relevant industry standards and control frameworks (in particular ISO270xx, CIS Controls, ICH CEH)
Additional Information
Make the right call and take your career to a whole new level. Join the company that focuses on its people and invests in their professional development and success. Your role will be very important - you will help enhance our company's profile as the best place to work.