Fircroft has been placing people in specialist technical industries for approaching half a century, focusing on mid to senior level engineers for contract and permanent roles worldwide. Fircroft currently has over 10,000 contractors placed in roles around the world and, as well as contractor recruitment, we also fill permanent job vacancies across our key sectors: Oil & Gas, Automotive, Petrochemical & Chemical, Power, Nuclear & Renewables, Mining & Minerals, ICT and Infrastructure & Construction. With global contracts with the world’s largest technical engineering companies, Fircroft will find you a role that supports your professional life, builds on your skills and fulfils your potential, within a work culture that suits you.
The Information Risk Manager within the Information Risk Strategy & Management organization is an essential role responsible for partnering with the business to drive enterprise information risk management, governance, solutions, and organizational capability through sustainable risk-based processes. This role will give exposure to new and existing technology used enterprise-wide and an opportunity to engage with leadership and asset support teams across the ITC and ETC functions. It will provide an opportunity to learn about businesses and their risks, new IRM Standards, and the five concurrent and continuous functions of the cybersecurity framework - Identify, Protect, Detect, Respond, and Recovery. The Information Risk Manager will have the first-hand opportunity to apply this cybersecurity framework to technologies that ETC and ITC are actively involved in, including digital transformation, blockchain, cloud, RPA, IoT, and among a whole slew of other technologies.
Individuals in this role will:
* Obtain understanding of the business and its risks
* Provide consultation on overall IT IRM risks
* Govern and deliver enterprise IRM solutions
* Report on state of risk and compliance management
* Increase IRM organizational capability
* Advise on audit / validation / risk assessment engagements and remediation
* Promote, monitor and validate IRM processes (i.e. IP, DP, SOX IT)
Key responsibilities include, but are not limited to, the following:
* Understand and assess the overall Information and Cyber Risks faced by the business in their business conduct, business processes, the IT systems, PCN, Applications, etc., and recommend mitigation strategies.
* Promote the identification, understanding, and management of information risks and vulnerabilities for the operating
* Establish, implement and guide the business unit to adhere to Corporate Policies and IRM Standards that direct information security, risk management, and compliance activities.
* Continuously drive improvement and promote the alignment of standard IRM processes, tools, and training across all business units.
* Provide the state of Information Protection and Data Privacy compliance to business unit leaders to ensure the understanding, appropriate rigor, and prioritization in management of risk and escalate any priority conflicts.