Manager, Cyber Assurance

We are a global multinational marine, energy and industrial company with a proud heritage in the marine industry. With over 18 000 employees worldwide, 5bn+ of turnover and one of the most established brands in the Marine sector, we are also one of the most progressive and innovative companies in our space. We have embarked on a bold, exciting and needed Digital Transformation, headed by a newly appointed CDO.

This Digital transformation is about reinventing our Company into Wärtsilä-as-a-Service – a digitally enabled, insight led, customer obsessed leader in the Marine and Energy sectors. We see cyber security as an essential part of our future and of our transformation.
Application deadline 2017-10-29
Position description We are now looking for 4 lead auditors who can provide the requisite level of assurance that the cyber controls are both designed and operating effectively. The assurance that these auditors will provide will not only provide the Business and Functions with essential insight and understanding as to the status of their cyber controls, but will also provide valuable visibility of this status to senior management.

Likely locations for these positions will include the US (Florida); Northern Europe (UK; Finland; Germany); and Asia-Pacific (Singapore) though this is subject to confirmation and negotiation. The incumbents will be expected to conduct moderate amounts of international travel.
Responsibilities Each Manager, Cyber Assurance, will have a primary focus on dedicated support to a specific business unit or function, with a secondary responsibility to their respective region.

Within the business unit/function the main accountabilities will include
• Planning, conducting and reporting of LOD3 and LOD2 cyber security audits.
• Monitoring, tracking to closure and reporting of actions arising from cyber assurance.
• Managing cyber risk advice.

In addition, other responsibilities within the organisation will include:
• Planning and coordinating all cyber security assurance activity across the specific organisation.
• Advising and assisting in cyber security self-assessment activity (LOD1).
• Working closely with the management and cyber security operations staff to:
I identify and prioritise the mitigation of cyber security risks;
II Promote transparency and understanding of cyber security risks;
III Ensure the implementation of, and compliance with, cyber security governance;
IV Communicate and aid understanding of cyber security issues, requirements and priorities;
V Communicate and aid understanding by the Cyber Security Team of the organisation’s intentions, imperatives and priorities.
• Promote, monitor and report on the implementation of cyber security awareness programmes.
• Contribute to the establishment and maintenance of cyber security competence assurance.
• Assist in the planning, conduct and reporting of cyber security crisis or incident response exercises.
• Lead, or contribute to, cyber security investigations.
• Contribute to the maintenance of cyber security governance documentation.
• Actively promote Digitalisation and cyber security in all engagement with the businesses and functions.

Your main development responsibilities will be:
• Periodically review cyber security governance and standards with a view to improvement, currency and appropriateness.
• Periodically review all assurance processes, with particular focus on LOD1 self-assessment, for effectiveness, simplicity and suitability.
• Constantly examine the assurance programme to ensure its optimised alignment with associated cyber risks.

Your authorities will include:
• Authorised to contract specified and unique external capabilities required for cyber security risk and assurance provision in up to a value of 10,000 Euros per transaction.
• Authorised to approve LOD2 plans.
• Authorised to author and sign off LOD2 audit reports.
Requirements As an ideal candidate, you are:

• Independent and self-driven. Results-oriented person with autonomous project management, reporting and documentation skills.
• Excellent communicator, who is able to translate complex matters to non-experts and is fluent in English

You also have strong background in cyber assurance being:
• Accredited ISO27001 auditor.
• Accredited auditor or experienced in assurance of SCADA/ICS (eg IEC62443).
• Accredited / experience in IT / cyber investigations.
• Experienced in cyber security controls such as firewalls, access control, authentication, anti-virus/whitelisting, patching, IDS/IPS, logging and SIEM.
• Experienced in cyber security vulnerability assessments and testing tools/techniques.

You also have
• Good understanding of ICS / SCADA, automation and IoT.
• Security assessment skills and preferably experience of conducting risk analysis and assessments.
• Postgraduate level (MSc or equivalent) in cyber security or IT-related subject, or an equivalent relevant technical degree and professional experience.
Contact person to give further information Andrew Ross
Director, Cyber Assurance
Tel. +44 752 559 3094

Please apply through our website only.

Country Open
United Kingdom
Job area Quality and Operational Development