This is an exciting time to join the Cyber Security Team at Affinity Water in a critical role.
The Cyber Security Manager (CSM) will be afforded a large amount of autonomy to manage the Information Security Management System and help shape the future Cyber Security landscape within the business. The CSM will be looked to as a subject matter expert within the business, supporting a variety of business functions with the aim of remaining secure while delivering an excellent service to our customers. This role will combine strategic thinking with technical expertise and draw upon a multitude of different skill sets. The CSM role is an excellent position for someone looking to take the next step in their Cyber career.
As a pivotal figure within our organisation, this role demands an individual with a comprehensive understanding of security risk assessments, Information Security Management Systems (ISMS), and the ability to develop and implement robust security policies and procedures.
Responsibilities:
- Oversee and manage the ISMS, including the creation and maintenance of related policies, procedures, and standards, with the aim of achieving ISO27001 certification.
- Conduct thorough security risk assessments across all organizational assets and ensure proper documentation.
- Perform third-party security risk assessments to maintain a secure supplier ecosystem.
- Develop and implement Key Performance Indicators (KPIs) within the security function and report findings to appropriate stakeholders.
- Collaborate closely with all departments, including the Executive Leadership Team and Technical IT specialists.
- Assist in the creation, implementation, and maintenance of security controls aligned with the NIST Cyber Security Framework.
- Possess a deep understanding of Operational Technology within a Critical National Infrastructure (CNI) environment.
- Support the Head of Security in generating executive reports and presentations.
- Provide guidance and support to senior managers regarding training and awareness initiatives.
- Advise on security requirements for various projects and liaise with regulators, external authorities, and industry partners.
- Contribute to the strategic direction of the Cyber Security function.
Requirements:
- Proven experience in operating and enhancing an ISMS.
- Demonstrable expertise in assessing internal security controls and offering remediation advice to diverse stakeholders.
- Strong familiarity with control frameworks such as ISO27001 and NIST CSF.
- Understanding of current and emerging threats to CNI organizations.
- Track record of driving cultural change in a Cyber Security environment.
- Industry-recognized certification in enterprise security management (e.g., CISSP, CISM, CISA).
- Excellent written and verbal communication skills.
Desirable:
- Knowledge of security technologies including SIEM, AV, Behavioral Detection, AI and ML, Email Security, and IEC62443.
- Direct experience managing security incidents.
- Familiarity with the UK Water industry and PCI DSS.
Benefits include:
- Salary dependent on experience
- Level 2 car allowance £4305 per annum
- Annual leave 23 days, plus a celebration day, plus bank holidays, rising with length of service
- A generous pension scheme that doubles the contributions you make, up to a maximum of 12%
- We offer enhanced Maternity, Adoption and Shared Parental Leave. We also have a Carers policy and Menopause policy to help us support our people through different stages of their lives.
- Company bonus scheme
- Access to our Wellbeing Centre with support for looking after your physical and mental health
- Improve your home-work balance with the opportunity for hybrid working
You can find out what it’s like to work at Affinity Water through our career site https://www.affinitywatercareers.co.uk/ where our colleagues share their career development stories and you can get a feel for our company culture.
Affinity Water recognises the benefits of greater diversity in our workforce to better reflect the communities we serve. We are committed to building a more inclusive culture where every member of our workforce can thrive.