Senior Cyber Compliance Manager NIST / Audits / Smart Metering
This role will be part of Cyber Security Directorate, which has two main objectives:
- Protecting the UK National Infrastructure - Act as Competent Authority (CA) for implementing Regulations for Operators of Essential Services (OES), to improve security and resilience
- Protecting Infrastructure - Ensure that the client maintains appropriate levels of security, privacy and resilience to protect; our people, data, operations and facilities from harm.
The role will be working in the CA function reporting to the Head of CA Assurance.
The key purpose of the role is to monitor, support, report and instruct against the regulatory framework to ensure operational systems and networks owned and/or managed by Operators of Essential Services against cyber and related security threats.
- Accompany the auditors during inspections and record findings
- Randomly conduct audit inspections of operators or on new audit requests
- Demystify subjectivity between the auditors
- Manage the auditor pool in assigning, scheduling and prioritising audits providing clear plans/instructions to meet timely inspections.
- Maintain a record of all audit inspections, managing the inspection reports, providing analysis and outcomes.
- Provide scrutiny of audit reports; assessment reports, improvement plans and incident reports.
- Support the Assurance programme and projects in developing, drafting and/or reviewing framework, policies, guidance, procedures, risk assessments where necessary to operate as Competent Authority.
- Escalate non-compliances and offer advice to support a balanced penalty process.
- Collate and formulate sector wide risk views.
- Record outputs and decisions from audits and meetings, including any incidents, which may form part of an enforcements process.
- Provide compliance on the Smart Metering programme, including but not limited to, attending regular review meetings, monitoring supplier compliance, monitoring the governance board; monitoring and contributing to any proposals for modifications/changes; develop briefing for governance board and sharing intelligence with Other Governmental Department(OGD) stakeholders.