Capita Travel and Events requires a Risk Manager for a 6-month contract which can be based in Derby or Stockport. For over 40 years, we have brought together almost 1,000 of the most knowledgeable people in our industry, all of whom are empowered to help our customers realise the value of our unique 'smarter working' approach - helping to drive down costs and remove unnecessary travel whilst delivering policy compliance.
The purpose of the role is to maintain the ISO27001/GDPR Information Asset Register and its list of information asset owners; to assess related threats and vulnerabilities; to analyse the potential impact, document the resultant risks and identify any control gaps; and to produce a risk register for adoption and management by the business specific to ongoing GDPR work.
Key Activities and Responsibilities
- Maintain Information Asset Register (IAR) and associated list of asset owners as required by ISO27001 and GDPR
- Document process for review and update of IAR.
- Classify "At Risk" personal data
- Conduct Threat and Vulnerability Reviews in relation to such data
- On the basis of these reviews, conduct Impact Assessments including, where and if required by the GDPR, formal Privacy Impact Assessments (PIAs)
- Carry out analysis of Inherent Risk, challenge management on Information Risks, recommend Business Process changes as necessary, identify gaps in Technological Controls and document Residual Risk following treatment for inclusion in the CTE Risk Register
- Support management with the development and maintenance of the CTE Risk Register.
- Assist Head of Information Security to provide clear, pragmatic guidance and support to the business on all legislative and regulatory issues relating to Information Security.
- Liaise with the Operational Security function within Business Technology to ensure appropriate Technological Controls are applied
- Help promote general Risk and Compliance awareness in CTE.
- Additional activities as requested.
PC skills including Word, Excel, and PowerPoint.
Experience in information risk, operational risk, compliance or internal audit
Good problem solving and analytical skills and an ability to make decisions.
A friendly, helpful and positive manner with an optimistic, open and flexible approach to change.
Strong communication (including report writing), challenging, investigative, influencing and presentational skills.
Ability to produce reports delivering key issues and messages with minimal managerial input.
Knowledge of business continuity, information security and data protection regulations and best practice
Knowledge of new GDPR regulations
If you would like to be considered, please apply ASAP. Alternatively, if you are experiencing any difficulties, you can send your CV to ***************************.
Capita Resourcing welcome applications from all suitably qualified people regardless of gender, race, disability, age or sexual orientation.
Capita Resourcing is a trading name of Capita Resourcing Ltd. Services offered are those of an Employment Agency and Employment Business. Applicants will be required to register with us.
If you are successful with your application, you will need to complete Capita's vetting and screening checks. This will include, but not be limited to, Reference Checks, a Criminality Check, Financial Probity Check, Sanctions Check and Media Check.
This job was originally posted as www.jobsite.co.uk/job/959510460