Risk Management & Governance Manager

Astroscale UK are seeking a talented information security professional to join our Global IT and Security Team. This is a fantastic opportunity for an experience infosec professional to help shape the policy and compliance landscape of Astroscale.

Focussing primarily on our UK entity, the successful applicant will be at the heart of the RM&G initiative, updating existing policy, creating new policy and implementing the change necessary to gain (and subsequently maintain) ISO27001 and other similar certifications. While UK focussed, other Astroscale businesses are likely to either adopt ISO27001 or adopt NIST CSF, so the ideal candidate will be fluent in both frameworks and be able to understand the gap between them in order to maximally benefit the group of companies with one overarching controls framework.

In addition, the role will be critical in enhancing our Risk Management and the successful applicant will be responsible for the maintenance, communication, ongoing review and improvement of our Risk Registers and associated polices and processes.

As a small, global team, we expect all team members to assist in other duties as required (for example, in awareness training programmes, phishing simulations, technical security control reviews and so on).

Responsibilities 

• Implement and subsequently maintain a full ISO27001 ISMS.
• Own all security policy and ensure that it is complete, coherent and well communicated and understood across the business.
• Own and enhance the risk management policy and risk register, enhancing the risk management process and communication and understanding of risk.
• Work with colleagues in other Astroscale group companies to understand their regulatory requirements and seek to rationalise, harmonise and reduce global compliance efforts.
• Interface with the local business to ensure compatibility with local policies, ISO 9001 and other UK-focussed initiatives.
• Operate independently but also with team support (likely one team member will be in place to support this role) and so this role may require some people management depending on the evolving structure.

Essential Skills

• Experience implementing or auditing ISO27001 (2022).
• Excellent communication skills, with the ability to convey complex information in simple terms. Must be an engaging speaker with the ability to capture the attention of a wide variety of stakeholders and staff across the business.
• Excellent written communication skills with extensive experience creating and maintaining policy and other documentation.
• Experience in risk management, and the ongoing risk management process.
• Desirable skills
• Experience with the UK CAF.
• Experience in attaining, maintaining or assessing Cyber Essentials Plus.
• Experience in vulnerability management.
• Technical security expertise, in any discipline (perhaps penetration testing).
• Experience with DLP technologies, ideally Microsoft Purview.
• Experience in managing security incidents.

Benefits

• Competitive base salary
• Opportunity to work with a highly talented, diverse & dynamic international team with cutting edge technology
• Flexible working around core hours in a friendly and supportive environment
• Hybrid working available (dependent on individual role requirements)
• 25 days holiday (increasing yearly up to a maximum of 28 days) + 8 days Bank Holiday
• Optional 9/75 working pattern
• Life insurance and long-term sick pay
• Private healthcare (taxable benefit)
• Relocation allowance
• Visa sponsorship for employees considered
• New state of the art office and cleanroom facility
• Regular social events

Location

Astroscale UK (Harwell), with potential for some travel to Astroscale Japan (Tokyo).

About Astroscale

We aim to deliver cutting edge technologies that will become part of routine commercial space operations by 2030.

Astroscale is the first private company with a vision to secure the safe and sustainable development of space for the benefit of future generations, and the only company dedicated to in-orbit servicing across all orbits. Founded in 2013, we are developing innovative and scalable solutions across the spectrum of in-orbit servicing missions, including End of Life services, Active Debris Removal, In-situ Space Situational Awareness and Life Extension Services, to create sustainable space systems and mitigate against the hazardous build-up of debris in space.

Astroscale is an Equal Opportunities employer and embraces a diverse workforce. All qualified applicants, including minorities, women and individuals with disabilities are encouraged to apply.

Note to recruitment agencies: Astroscale operates a preferred Supplier List, and we do not accept unsolicited agency approaches. Please do not forward candidate CVs or details in response to this advert, or to any Astroscale employee.