Company: Pontoon
Address: Berkshire, England
Form of work: Contract, full-time
Salary: £750.00 per day
Category: Banking

Job description

Senior Governance, Risk and Compliance Consultant (Cyber)
Hybrid: 1-2 days per week in Windsor for meetings / collab
6 months
£750 per day

In short: Senior GRC Consultant required to join a large utilities client in increasing the function's capability across all group business units. You'll be responsible for the assurance of controls and regulatory commitments, ensuring programmes are compliant, and developing a new approach to fulfil the client's vision.

This role involves line management of 3 compliance analysts.

In full:

Purpose

  • Drive adherence to UK and Rest of the World external regulatory requirements and ensure the client maintains required certifications (e.g. ISO27001, PCI DSS)
  • Manage the internal compliance framework, ensuring the status of key controls and requirements is understood and reported

Accountabilities

  • Establish compliance oversight of security activities by ensuring key security controls are identified, agreed and monitored
  • Report and highlight compliance exceptions and track the remediation plans
  • Manage all audit and assurance activities, ensuring reviews are scoped accordingly and resulting actions are managed to resolution
  • Ensure the control framework incorporates required controls to fulfil regulatory requirements
  • Work with relevant architecture, engineering and operational teams to ensure regulatory requirements are incorporated into solutions and facilitate agreement on target architecture (where necessary)
  • Assess new or updated solutions to ensure they comply with regulatory requirements and the target architecture
  • Provide subject matter expertise and consultancy on regulatory requirements

Competencies

  • Strong knowledge of external regulations such as PCI-DSS, GDPR, FCA, PRA
  • Understanding of power utilities, retail energy, oil & gas and associated directives e.g. Smart Energy Code, CNI
  • Strong knowledge of information security technologies, such as identity and access management, encryption, and multi-factor authentication
  • Ability to drive technical consensus and facilitate agreements with challenging stakeholders
  • Ability to understand business visions and strategy and anticipate the associated risks from a technology and security perspective
  • Effective management style, with strong communication (oral and written) and conflict management skills

Experience

  • Significant experience in a Senior Regulatory Compliance role
  • Extensive experience of working with External Audit teams and Regulatory Bodies
  • Performed reviews of technical designs to ensure compliance with security requirements
  • Performed management roles across the Technology function
  • Managed small and medium-sized teams in a line management capacity
  • Developed communication material and reporting suitable for CxO level and senior leadership
  • Managed Governance, Risk and Compliance tools and methods

Candidates will ideally show evidence of the above in their CV in order to be considered.
Please be advised that if you haven't heard from us within 48 hours, then unfortunately your application has not been successful on this occasion. We may, however, keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.

Refer code: 2763879. Pontoon - The previous day - 2024-02-10 23:16
