Compliance Manager (Cyber Security, CA) required by my truly amazing public sector client in Canary Wharf, London. You'll be working in the CA function reporting to the Head of CA Assurance and the key purpose of the role is to monitor, support, report and instruct against the regulatory framework to ensure operational systems and networks, owned and/or managed by Operators of Essential Services (OES), in the electricity and downstream gas sectors in Great Britain, remain resilient against cyber and related security threats. You'll be rewarded with a great culture and working environment and, competitive salary, plus amazing benefits including pension (16%-24%); holiday starting at 27.5 days 10.5 days bank holidays and special days (increasing to 3010.5 after 2 years); annual Bonus (around 5%); flexible working; some remote working; annual training budget; season ticket loan and more. Essential: 3-years minimum experience in security auditing/inspection. Educated to Degree level or equivalent in a cyber, engineering or technology-based discipline or equivalent. Hold one or more professional qualifications in ISO27001:2013 Lead Auditor, CISA or equivalent. Must demonstrate that you have recent and relevant skills and experience in all of the following areas: Conducting audit inspections of environment for critical national systems, IT, IS, OT or national headline services Performing security risk assessments; Written and reviewed audit reports and Risk Treatment Plans (RTP) Ability to conduct security risks and audit analysis of associated critical systems, OT, Control Systems or headlines services; and Implementing processes for dealing with and managing security incidents Knowledge of ISO27001:2013 or IEC62443 series in critical infrastructure and challenges faced with introducing security controls An effective and engaging communicator, with experience working effectively with key external stakeholders Either holds or ability to achieve SC clearance Desirable: Certified to ISO27001 Implementer, GICSP, CRISC or equivalent Experience of auditing in an ICS/OT environment Knowledge of IEC62351 and/or NIST framework Knowledge and/or exposure to SEC and SMETS1/SMETS2 Coordinating incident response internally and externally