Primary role purpose:
The SVP, Global Security and Cyber leads an agile organisation, which is responsible for Security Strategy, Governance and Risk Management; Security Architecture and Engineering; and Security Operations.
Inmarsat has implemented an Information Security Management System (ISMS) which is certified to the ISO 27001 standard. ISO 27001 is a risk-based standard: identifying and understanding information security risks is a prerequisite for a successful implementation of the ISMS.
Reporting to the Senior Director, Security Strategy, Governance and Risk Management, the Information Security Risk Manager will be responsible for:
- Design and implementation of risk management frameworks;
- Information security risk management policies and procedures, standards, tools, and techniques for assessment of risk-mitigating controls;
- Risk monitoring, reporting and escalation through an integrated Information Security Risk Register.
The successful candidate shall be able to work independently, demonstrating initiative and autonomy, within a highly integrated team.
- Execute the end-to-end process to manage information security risks within Global Security and Cyber activities, including procedures design and implementation, coordination of deliverables, and escalating matters to management, as applicable
- Work collaboratively and transparently with Security Risk Champions (SRCs) across the business to identify and assess information security risks in line with published information security risk management policy and procedures, achieving consistency and efficiency in the design and execution of the risk management frameworks
- Track and maintain applicable deadlines, ownership, and follow-up with stakeholders
- Prioritize and manage multiple tasks and deadlines
- Perform data extracts and create analyses and impact reports for senior management
- Escalate to management and stakeholders, as applicable, potential exceptions, concerns, and delays in addressing risk remediation
- Support the design and implementation of quantitative risk analysis
- Assist in development, execution and delivery of annual risk workshops with key stakeholders
- Assist in challenging and following-up on definitions of risks controls, controls testing and corrective action plans management
- Assist in documentation and submission of information and presentations for internal management committees
- Develop and maintain relationships with key stakeholders across the organisation
- Foster, promote, and uphold Information Security Risk Management culture at Inmarsat
- Actively participate in risk management working groups
Key Knowledge, skills and experience:
- Demonstrable knowledge of Information Security Risk Management framework design and implementation, and processes oversight, including workflows and reporting
- Experience with effectively and efficiently executing and documenting planning, fieldwork, reporting and issue tracking/validation in connection with monitoring/testing design and operational effectiveness of controls
- Demonstrable knowledge and previous work experience of ISMS (ISO 27001).
- Understanding of Enterprise Risk Management principles
- Experience and proficiency with data collection, data analysis, data interpretation, and data quality
- Relationship building and interpersonal skills
- Comfortable and confident in leading change
- Highly organised and able to manage multiple priorities
- Comfortable communicating at all levels of the organisation
- Support, influence and promote risk and risk management culture
- Ability to multi-task with a 'can-do' attitude
- Organised self-starter with good project management and communication skills
Desirable for the role
- Working knowledge of NIST Framework for Improving Critical Infrastructure Cybersecurity
- Understanding of Crisis Management and Business Continuity
- Hands-on experience of quantitative analysis for measuring and managing information risk (FAIR Methodology)
- The candidate will preferably be educated to a degree level or above in an Information Security related discipline. CISA, CISM, CISSP, ISO27001 (Lead ISO Auditor) or equivalent.
- Project management experience is advantageous.
- Data analytics skills and experience preferred.
You must be eligible to work in the location advertised.
Our values define Inmarsat’s culture and represent what we believe in. Inmarsat employees aspire to certain behaviours which support our corporate values; they create a stronger working environment and lie at the heart of our continued success as an organisation.
- Customer – providing a unique value to our customers
- Accountability – taking ownership, getting results and keeping our promises
- Respect – collaborating, embracing diversity and valuing differences
- Excellence – creating bold solutions for our customers and putting quality at the heart of everything we do
As an employer, we believe in facilitating a flexible working environment where possible while taking into consideration the operational requirements of an employee’s position and work unit.
Inmarsat warmly welcomes applications from suitably qualified and eligible candidates regardless of sex, age, race, disability, sexual orientation, gender identity, religion or belief, marital status or pregnancy and maternity. Please let the Resourcing Team know if there are any ways in which we can support you in the hiring process.