Location: Remote & Buckinghamshire
Reports to Group CISO
Salary: up to £1,000/day
Duration: 6 months
Ransomware attacks are growing in size and frequency and given the increased threat, there is a need for us to understand and assess our dependencies on systems and ability to respond to and recover from a ransomware attack should it occur.
This six-month contract is being created to undertake a gap analysis and risk assessment of our current capabilities to respond and recover to a ransomware attack. Depending on the findings there may be a need for this role to be extended.
To be successful in this role any candidate will need to be able to co-ordinate with teams across the Group and leverage their capabilities. The ransomware recovery project lead will be part of the InfoSec team. This role is based predominantly in our Buckinghamshire offices in combination with home working during Covid restrictions.
Successful candidates will be required to achieve and maintain SC clearance.
The scope of the role will be to work across the Group to:
• Understand the dependency on systems of the Group’s operations
• Clarify and align RTOs and RPOs for key systems and undertake gap analysis and risk assessment. Make recommendations to address deficiencies.
• Understand the currency of site business continuity plans and identify any gaps.
• Categorise systems by criticality.
• Analyse our backup and restore capabilities as they relate to ransomware resilience and make recommendations to address deficiencies.
• Understand the ransomware recovery dependencies on core infrastructure and hardware availability.
• Develop playbooks for ransomware response and gain senior stakeholder buy-in to pre-agreed principles.
• Working with the sites, understand the update site emergency response and preparedness plans to include ransomware and other cyber scenarios.
• Understand supply chain dependencies for ransomware.
• Establish procedures to keep ransomware playbooks and plans current.
• A relevant degree or security qualification
• Proven experience as a Programme Lead
• Relevant experience of working on cyber
• Outstanding leadership and organizational skills
• Excellent communication skills
• Outcome focused delivery change projects with the ability to bring the project rigour and discipline
• Data driven, always striving for transparency
• Excellent stakeholder relationship skills
• Excellent problem-solving ability
• A ‘can-do’ attitude
• Demonstrable experience of delivery of risk assessment projects
• Excellent knowledge of business change management principles
• Experience of working in a global organisation delivering projects through a matrix relationship
• Proven ability to deliver projects to time, cost and quality
Specific know how and technical skills:
• Strong programme/project management skills with knowledge of tools and methods to deliver
• Strong understanding of ransomware mechanisms
• Strong understanding of core IT infrastructure as it relates to ransomware