Ransomware Recovery Project Lead - Buckinghamshire

IT/Information/Cyber Security
Ref: 100 Date Posted: Wednesday 13 Oct 2021
LinkedIn ShareShare

Company:           Energy

Location:             Remote & Buckinghamshire

Reports to           Group CISO

Salary:                  up to £1,000/day

Duration:             6 months


The Role


Ransomware attacks are growing in size and frequency and given the increased threat, there is a need for us to understand and assess our dependencies on systems and ability to respond to and recover from a ransomware attack should it occur.


This six-month contract is being created to undertake a gap analysis and risk assessment of our current capabilities to respond and recover to a ransomware attack. Depending on the findings there may be a need for this role to be extended.


To be successful in this role any candidate will need to be able to co-ordinate with teams across the Group and leverage their capabilities. The ransomware recovery project lead will be part of the InfoSec team. This role is based predominantly in our Buckinghamshire offices in combination with home working during Covid restrictions.


Successful candidates will be required to achieve and maintain SC clearance.


Main Responsibilities


The scope of the role will be to work across the Group to:


•             Understand the dependency on systems of the Group’s operations

•             Clarify and align RTOs and RPOs for key systems and undertake gap analysis and risk assessment. Make recommendations to address deficiencies.

•             Understand the currency of site business continuity plans and identify any gaps.

•             Categorise systems by criticality.

•             Analyse our backup and restore capabilities as they relate to ransomware resilience and make recommendations to address deficiencies.

•             Understand the ransomware recovery dependencies on core infrastructure and hardware availability.

•             Develop playbooks for ransomware response and gain senior stakeholder buy-in to pre-agreed principles.

•             Working with the sites, understand the update site emergency response and preparedness plans to include ransomware and other cyber scenarios.

•             Understand supply chain dependencies for ransomware.

•             Establish procedures to keep ransomware playbooks and plans current.


Job requirements


Vocational Qualifications:


•             A relevant degree or security qualification

•             Proven experience as a Programme Lead

•             Relevant experience of working on cyber


Behavioural competencies:


•             Outstanding leadership and organizational skills

•             Excellent communication skills

•             Outcome focused delivery change projects with the ability to bring the project rigour and discipline

•             Data driven, always striving for transparency

•             Excellent stakeholder relationship skills

•             Excellent problem-solving ability

•             A ‘can-do’ attitude


Experience required:


•             Demonstrable experience of delivery of risk assessment projects

•             Excellent knowledge of business change management principles

•             Experience of working in a global organisation delivering projects through a matrix relationship

•             Proven ability to deliver projects to time, cost and quality

Specific know how and technical skills:


•             Strong programme/project management skills with knowledge of tools and methods to deliver

•             Strong understanding of ransomware mechanisms

•             Strong understanding of core IT infrastructure as it relates to ransomware