Basic Function & Purpose of the RoleAbout the Role:
The Security & Resilience Manager is responsible for the National Lottery's security and resilience (business continuity management) frameworks.
The focus of the role is to ensure that appropriate plans, policies, processes, and systems are in place to minimise the risk of security or resilience issues.
This will be achieved by defining security and resilience policies, ensuring they are reflected in systems and processes, and performing assurance on adherence to these policies both internally and externally.
The objective of the role is to ensure the National Lottery operates and maintains a modern, comprehensive security environment, which preserves and enhances the integrity of the National Lottery, its products, systems, premises, and people, and ensures business continuity.
The role is responsible for maintaining certification to the World Lottery Association Security Control Standard (which includes ISO 27001), complying with any industry required standards (e.g., PCI-DSS) and aligning the resilience programme with ISO 22301.
It will work closely with the IT team to agree and deliver the security and resilience frameworks.
The duties and responsibilities of this role include, and are not limited to, the following: Lead the Business Assurance Security team and provide ongoing leadership and motivation to a high functioning, engaged and effective team.Responsible for maintaining suitability of, and operationalisation of, PLI's security framework ensuring all underlying requirements (WLA Security Control Standards, including ISO 27001) are in place.Advise on and support definition and documentation of security policies and related key processes (e.g., security incident response) aligning to PLI's security framework, working with IT, DPO and other key stakeholders to ensure they are fit for purpose.Lead on relevant security certification audits (WLA Security Control Standard, ISO 27001, industry required standards e.g., PCI-DSS) and delivery of required annual certification, including tracking and resolution of any findings and remediation in agreed timelines.Define & deliver annual security assurance program on internal and external key security processes and systems and ensure any non-compliance or other issues are tracked and resolved.Responsible for Business Continuity Management Framework and Plan, aligning with ISO 22301, including delivery of regular business continuity testing with issue & improvement tracking and resolution.Coordinate the investigation and resolution of information security incidents, in line with the documented security incident management process, and manage retail security incident triage, resolution, tracking and reporting.Manage fraud monitoring and investigation processes and activities, including prioritisation, tracking, and reporting, internally to Fraud Council and Security Governance Committee, and externally to regulator.Define & deliver an annual training and awareness program ensuring all staff are aware of relevant security and business continuity policies and processes.Lead the delivery of regular security risk assessments working with IT and other key stakeholders to ensure security risks are known, quantified, and managed appropriately and in line with PLI's Enterprise Risk Framework.Review business requirements and solution designs to ensure security and resilience requirements are identified and implemented.Any other ad-hoc duties that may be assigned from time to time. About You:
Preferred Qualifications:
A recognised qualification in relevant discipline.7+ years relevant work experience.A formal security qualification (e.g., CISSP or CISM) would be beneficial.
Preferred Experience:
Previous exposure to working as a team lead and developing others.A thorough knowledge of security procedures and systems.Working knowledge of ISO 27001 or other security standards.An understanding of the lottery or gaming business and risk management.Strong understanding of IT architecture, Networks, Security Solutions, and Risk Analysis.
#J-18808-Ljbffr