Filter by category

Filter by type

Security Risk and Assurance Manager at Our Future Health

go back to Developer Jobs
  • London
  • fulltime
  • -
  • We are expanding our Security Team! Our Future Health are looking to recruit a Security Risk and Assurance Manager, this is a new opportunity where you’ll join the newly formed Security Team, reporting into our Director of Information Security. In this role, you’ll take the lead on security risk activities, managing our security risk register, security assurance which includes third party security assurance. If you have experience of the above and you’re looking to contribute to our mission, we’d like to see your application.

    At Our Future Health, our mission is to transform the prevention, detection and treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke.  We’re looking for people to join us on our journey. If you’re looking for a new challenge where you can contribute to helping future generations live in good health for longer, then we’re keen to speak with you. 

    What you’ll be doing:

    This role should help us mature our approach to security risk management and security assurance, including third party security assurance. In this role, you will be responsible for:

    GRC

      • Manage our risk register, including ensuring risk mitigations are on track and risk acceptances are regularly reviewed
      • Conduct and support risk assessment and threat modelling activities
      • Maintain security policies and other key security documents
      • Support security governance activities
      • Monitor our security KPIs and Metrics and produce our monthly Security Reporting Pack
      • Drive compliance to our security framework
      • Assist our ‘Quality and Management Systems’ team with maintaining ISO 27001, Cyber Essentials Plus and other security certifications.

      Assurance (inc. Third Party Assurance)

        • Manage the security assurance schedule.
        • Organise security tests and assurance activities, including tracking of the remediation of findings
        • Help define assurance activity scopes and ensure overall coverage of assurance work
        • Perform security assessments against industry standards, including against technical standards (e.g. NIST, CSA STAR)
        • Perform security assessments of non-technical aspects of security (e.g. assessing security culture through maturity assessments, phishing tests, etc.)
        • Conduct security due-diligence on third parties

        General

          • Help drive employee security awareness
          • Support the InfoSec Director with various activities (e.g. defining a security strategy)
          • Support the wider InfoSec team with various activities (e.g. threat modelling, post-incident reviews, vulnerability triage)
          • Support non-security projects with following a DevSecOps approach, especially the security risk and security assurance aspects of such an approach

          What you won’t be doing:

          • Working in a siloed environment with no freedom to make decisions.
          • Working in an environment where you can’t see the impact your expertise makes.

          The environment

          We’re an agile team who work in short, product focused development cycles, solving complex technology problems in collaboration with a ground-breaking team of Behavioural Scientists, Epidemiologists, Clinical Operations specialists, and Ethicists. We’ve come from start-ups, tech companies, universities, the NHS and health charities. Together we’re experienced in building and scaling big consumer products, working with different kinds of health data.

          Requirements

          We absolutely welcome applicants who don't think they meet all the criteria below or who have a non-traditional security background.

          • Experience of complex and technical security risk assessments
          • Experience organising and overseeing security assurance activities, including penetration tests
          • Experience conducting third party security assurance
          • Ideally have experience of threat modelling
          • Exposure to Agile working
          • Knowledge of ISO 27001 and other commonly used security standards
          • Understanding of modern cloud technologies
          • Desire to be part of a small fast-paced team
          • Relevant certifications, such as: ISO 27001 Lead Auditor/Implementor, CISM, CISA, CISSP

          Benefits

          • Salary up to £65,000
          • Generous company pension package with employer contributions of up to 12%
          • 30 days annual leave (plus bank holidays.)
          • Continuous career development with regular appraisals and learning and development opportunities.
          • A lovely new office in Holborn, Central London – we offer flexible and remote working arrangements.
          • Join us - let’s prevent disease together.

          You need to be logged in to apply. Login or create an account.
          Is this job ad fake? Report it!   


          other jobs at Our Future Health

          Senior Platform Engineer Our Future Health in London Posted 164 days ago
          Full-time job in Health
          Full-time job in Health
          Security Engineer Our Future Health in London Posted 155 days ago
          Full-time job in Health
          Full-time job in Health
          Data Engineer (Questionnaire) Our Future Health in WC1A 2SL London Posted 139 days ago
          Full-time job in Health
          Full-time job in Health
          Project Manager - Technology Our Future Health in London Posted 114 days ago
          Full-time job in Health
          Full-time job in Health
          Senior Cloud Security Engineer Our Future Health in London Posted 104 days ago
          Full-time job in Health
          Full-time job in Health
          Staff Software Engineer Our Future Health in London Posted 71 days ago
          Full-time job in Health
          Full-time job in Health
          Senior Technical Operations Manager Our Future Health in London Posted 42 days ago
          Full-time job in Health
          Full-time job in Health
          Technical Operations Manager Our Future Health in London Posted 42 days ago
          Full-time job in Health
          Full-time job in Health
          Security Risk and Assurance Manager Our Future Health in London Posted 23 days ago
          Full-time job in Health
          Full-time job in Health
          Programme Manager Our Future Health in London Posted 9 days ago
          Full-time job in Health
          Full-time job in Health
          Quality Operations Coordinator - Onsite (6 month FTC) Our Future Health in WC1A 2SL London Posted 4 days ago
          Full-time job in Health
          Full-time job in Health
          Head of Regulatory Affairs Our Future Health in WC1A 2SL London Posted 3 days ago
          Full-time job in Health
          Full-time job in Health
          Data Linkage Manager Our Future Health in WC1A 2SL London Posted 3 days ago
          Full-time job in Health
          Full-time job in Health
          Bio-Sample Operations Coordinator Our Future Health in WC1A 2SL London Posted yesterday
          Full-time job in Health
          Full-time job in Health