Security Risk Manager - R0253471

Location: Reading, United Kingdom

In fast-changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security, and space, our architects design innovative solutions that make our tomorrow's possible.

Together we offer fantastic opportunities for committed employees to learn and develop their careers with us. At Thales UK, we research, develop, and supply technology and services that impact the lives of millions of people each day to make life better, and keep us safer. We innovate across five major industries: Aerospace, Defence, Ground Transportation, Security, and Space.

Your health and well-being matter to us, and that’s why we offer you the flexibility to do what’s important to you; whether that’s part-time hours, job sharing, home working, or flexible start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions.

Location: Crawley/Reading/Cheadle/Glasgow/Doncaster/Templecombe (Hybrid)

Role Summary: We have a unique opportunity for a Security Risk Manager to support Thales UK in identifying, assessing, promoting, liaising, and managing security risks. The role involves maintaining risk profiles against security compliance requirements and providing regular reports to stakeholders. The successful candidate will support ongoing management of security risks by promoting relevant policies, processes, and guidance to develop and maintain organizational maturity.

• Support the GRC Manager and the wider Corporate Security Office in delivering the relevant strategy and roadmap for Thales UK.
• Analyze technical, physical, environmental, and personnel security risks; advise stakeholders on risk assessments and controls.
• Develop and report on risk metrics to demonstrate correlations and highlight concerns to management.
• Assist business lines in assessing risks and advising on mitigation strategies.
• Promote security risk management policies and processes to improve security culture.
• Translate technical jargon into business-focused risk statements for senior management.
• Support maintaining the ISMS through promoting the risk process and controls.
• Monitor and evaluate the effectiveness of security controls and produce metrics.
• Support the achievement and maintenance of security accreditations such as ISO 27001, CE+, IPSA.
• Deliver training and awareness on risk management processes.
• Ensure compliance with industry-recognized security certifications.
• Maintain process documentation related to security risk management.
• Manage the GRC platform according to risk policy and process.
• Engage effectively with stakeholders across the organization.
• Report and improve metrics/dashboards, create monthly KRIs and KPIs.
• Identify new security risks in the context of legal, regulatory, and organizational changes.
• Collaborate with related processes like Threat Intelligence, Incident Management, and BCP/DR.
• Conduct educational workshops and contribute to security training campaigns.

• Experience in mid to senior-level strategic security risk management roles.
• Experience with security standards such as ISO 31000, ISO 27005, ISO 27001.
• Strong communication and engagement skills.
• Good analytical and reporting skills.
• Proven problem-solving abilities.
• Qualifications like CRISC, CSRM are beneficial but not essential.

• Performance bonus, pension contributions, stock options.
• Training budgets, holiday entitlement, private healthcare, and more.

In line with Thales' security requirements, candidates will need to provide evidence of identity, eligibility to work in the UK, and employment/education history. Some roles may require security clearance.

Thales UK is committed to diversity and inclusion and will provide reasonable adjustments for applicants with disabilities or long-term conditions.

Great journeys start here, apply now!