Business Continuity/Infosec Grc Consultant

Business Continuity/Infosec GRC Consultant

Russian hacker, Vladimir Leonidovitch Levin, attempted the biggest bank heist the world had ever seen via dial-up internet in 1994, Zia Hayat, Callsign CEO and founder, was hooked - armchair fraud became a real possibility. From this moment, Zia knew he wanted to play a part in stopping the bad guys and securing the internet for all. Founded In 2012, Callsign's mission has been to make Digital Identity simple and secure for everyone and everything. In that time, we've grown to over 170 employees, opened an office in Abu Dhabi & expanded to the USA, been recognised as a WEF Global Innovator and our technology is being used by many of the world's leading financial institutions to keep millions of consumers safe.

But we aren't stopping here. The identity revolution has only just begun, and we are looking to hire the brightest and inquisitive minds to help us make every web, mobile and physical Interaction seamless and secure. If this sounds like you, lets chat.
We are looking for a self-motivated and ambitious Business Continuity professional with experience in Information Security GRC to join our Security Risk Team. The role will is primarily inward focused and will be based in our City of London HQ on a hybrid working basis (minimum 2 days per week).

The ideal candidate will demonstrate a strong track record of working collaboratively in a technology-based service delivery business and will evidence their contribution to improving both operational resilience and information security frameworks.
You will:

• Provide expertise, leadership and support in maintaining Business Impact Assessments and Business Continuity Plans that are fit for purpose and meet the needs of our global customer base

• Design and assist with the business exercising programme, considering a range of scenarios to test arrangements and recovery capabilities both internally and with third parties and provide comprehensive reports and relevant performance data 
• Help manage BCM incidents effectively, appropriately and provide robust lessons learnt, incident reports and make recommendations
• Document, track and manage improvement actions through to a timely conclusion with relevant teams across the organisation

• Provide expertise, leadership and support on operational resilience across the business ensuring compliance to any regulatory requirements and standards, and ensuring IBS documentation is accurate and is fit for purpose 
• Provide detailed responses to customer queries on our operational resilience plans, tests and capabilities
• Have hands-on experience implementing and/or auditing ISO27001
• Be able to conduct internal audits
• Maintain effective relationships with internal and external stakeholders
• Evidence extensive Information Security Governance, Risk and Compliance (GRC) experience as well as InfoSec Operations experience
• Support the management of the Information Security Management System and ensure compliance with its components.
• Support the wider responsibilities of the Security Risk Team in delivering effective Security Governance, Risk and Compliance; Data Privacy Governance, and Third-Party Risk Management
• Be flexible in your approach to work covering unsociable hours or team members during leave should the need arise
• Be prepared, if needed, to travel to other Callsign locations including Abu Dhabi, Manchester, USA to carry out your duties

Requirements

You will bring

• Extensive experience in Business Continuity/Operational Resilience and Crisis Management including planning BC rehearsals and testing activities
• Education to degree level or equivalent 
• Have experience facilitating meetings and workshops at operational and senior management level
• Evidence of managing senior stakeholders at board/c suite level
• Strong knowledge in the production of formal policy/procedural type documentation
• A sound understanding of business operating models within a cloud-based SaaS technology environment
• Knowledge of business resilience regulation in relevant locations
• Strong communication skills (written and verbal) 

• Strong interpersonal skills
• Proven previous experience of working within GRC focused Information Security Consultant / Officer / Manager position.
• A formal qualification in an Information Security discipline e.g., CISM. (where significant experience can be demonstrated, this will be considered)
• Experience of ISO27001 audits, NIST audits or similar, ideally being a Certified ISMS Lead Auditor (CIS LA)
• A strong technical understanding of security and resilience controls for SaaS on cloud environments such as AWS, GCP, Azure

A note from the hiring manager, Ian (Chief Security Officer)

“I’m looking forward to meeting with prospective candidates about this exciting role which will be a key part of our global team. I’m looking for someone who has experience in the InfoSec GRC space as well as managing operational resilience programmes. We’re a close-knit team who set high standards for ourselves and demand it from others. That said we also recognise that having time for fun is as important as hard work. So, if you’re a pro-active hardworking individual, that
loves working in a collaborative and fun team then get in touch and see if this is the role for you.”
Applications will close on Friday 12th July with phone screenings taking place between 8th July - 19th July.
First and second round video interviews are expected to be w/c 29th July and 5th August respectively.
We look forward to hearing from you and why you'd be a great fit for this role!

Benefits

Pension with Scottish Widows

Private Medical Care with Vitality

Life Assurance (4x Basic Salary)

Personal Learning & Development budget

Cycle to Work Scheme

Company Family Leave

25 days annual leave plus the Callsign Bank Holiday