Aim of the Role
The primary aim of this role is to maintain the Company's existing Public and Private Sector Compliance obligations.
The post-holder will also assist with GDPR compliance, Information Security and Risk governance and assist with low-level transition activities for new services.
Key Responsibilities
Key duties will include, but are not restricted to, the following:
Planning, preparing, conducting, and reporting on external audits for all required sector and framework Certifications (outside of ISO), working with third parties where appropriate (e.g. Advent IM, Gemserv).
Introduction and ongoing Program Management of annual SOC 1 and 2 audits, involving understanding of the requirements, coordination of internal resource, oversight of the required controls, maintenance of a calendar of events and management of the auditors.
Creation, distribution, and coordination of all required RMADS and associated Remediation Action Plans identified through governing body (NCSC Accredited bodies, Cabinet Office) audits.
Creation and subsequent management of an internally facing calendar of obligations describing (but not limited to) what they underpin (e.g. YHPSN, HSCN etc.), certification requirements, expiry dates, governing body etc. This should then form the basis of the Compliance annual budget (when partnered with similar ISO information).
Assisting with and attending all internal audit assessments at required locations underpinning Compliance Framework obligations (e.g. LIST-X, physical site audits etc.).
Assisting with customer-specific due diligence / Assurance questionnaires and customer onsite audits, and oversight of information security-based new business requirements.
Project managing technical implementations and the underpinning Information Security obligations and IT Health Check requirements.
Take part in the running of a new Redcentric Risk Framework, logging and tracking high risk items and matrix managing across all risk registers.
Project Management and partnered assistance with the ISO Programme Manager to replace / refresh and expand the existing ISO Management Database (to cover all Compliance Obligations and Risk).
Person Specification
The ideal candidate will have the following skills, attributes and experience:
Excellent organisational, negotiating and time management skills with the ability to prioritise workload and remain efficient whilst working under pressure;
Tenacity to deliver, with excellent attention to detail;
Self-motivated, 'can do' attitude;
High quality interpersonal skills are essential for this role;
Excellent competency in various Microsoft software, including Project, Word, Excel and PowerPoint.
The role requires the jobholder to work as part of a team, both with colleagues within the department and with various departments across all Redcentric divisions, maintaining excellent working relationships at all times.
The ability to effectively manage multiple concurrent tasks is essential.
A Project or Program Management background is desirable.
Significant governance, framework compliance and auditing experience desirable.