**Job Overview:** An ideal candidate can strategically address risk and policy governance requirements in line with business outcomes.
The candidate can clearly communicate objectives to partners, is diligent, and operates effectively at pace.
Leverage cyber security and IT risk management expertise to drive risk reduction and maintain up-to-date, comprehensive risk policies aligned with industry standards and regulations.
Produce and deliver presentation of risks to leadership across Enterprise IT.
Utilising in-depth knowledge, own and manage risk policies, standards, and guidelines to ensure they are current, comprehensive, and aligned with standard methodologies and regulatory requirements.
Use good interpersonal skills to cultivate a culture of cyber security within Arm by equipping all employees with the knowledge and skills vital to protect our assets and data.

**Responsibilities:**

* Set clear objectives for the team and support them in achieving those objectives, including role and career development.
* Research and apply relevant laws, regulations, and industry standards to the organization's information systems and practices.
* Responsible for governance through owning and managing risk policies, standards, and guidelines, including conducting regular reviews with key partners and updates to address emerging risks and regulatory changes.
* Coordinate Risk Review committee meetings to assess and address IT and security risks, including gathering information, preparing reports, presenting and advising on emerging risks.
* Drive cyber security culture across Arm to build a secure working environment that protects our people, data, and reputation.
This will be delivered directly to colleagues and via a range of different multimedia platforms and channels.
* Ensure that all employees understand the importance of security and their role in maintaining it, including recognising potential threats, incidents and vulnerabilities.
* Educate colleagues on best practices for security, including password management, recognising phishing attempts, and safeguarding sensitive information.
* Provide ongoing training and resources to keep employees updated on the latest security threats and mitigation strategies.
* Nurture a mentality where security is a priority in all activities, encouraging proactive behaviour and vigilance.
* Ensure all employees follow security policies and regulations.

**Required Skills and Experience:**

* Experience with a variety of compliance frameworks, such as HIPAA and PCI DSS, and cybersecurity frameworks, such as the NIST Cybersecurity Framework, ISO 27001, ISO 27002 and SOC2.
* Ability to influence at all levels to drive governance, via committees, and reduction of exceptions via direct engagement.
* Experience of using tools and technology to train, communicate and improve security culture, and demonstrable experience in developing simple, effective and easy-to-adopt security policies.
* Solid understanding of regulations, industry standards, and leading practices related to the security of application, platform, network, and cloud, as well as data security and privacy.
* Execution-oriented, with an ability to run multiple projects simultaneously with a focus on outcomes driving impact.

**"Nice To Have" Skills and Experience:**

* A good understanding of the variety of technical security control concepts, procedures and systems (e.g., Email Security, AV, EDR, Firewalls).
* Security qualifications, i.e., CISSP, CISM.
* Awareness of project management techniques, while having the ability to handle and chair meetings when required.

**In Return:** At Arm, we are guided by our core beliefs that reflect our creative culture and guide our decisions, defining how we work together to surpass ordinary and shape extraordinary.

## **Accommodations at Arm**

At Arm, we want our people to **Do Great Things**.
If you need support or an accommodation to **Be Your Brilliant Self** during the recruitment process, please email [******](mailto:******).
To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations.
All accommodation requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation.
Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility.
Please email us about anything we can do to accommodate you during the recruitment process.

## **Hybrid Working at Arm**

Arm's approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing.
We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility.
Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team's needs.
Details of what this means for each role will be shared upon application.
In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution.
Please talk to us to find out more about what this could look like for you.

## **Equal Opportunities at Arm**

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues.
We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.