Commercial Lead - NIS Regulations
Our rapidly-growing business offers a dynamic environment for talented and entrepreneurial professionals to achieve results and grow their careers. As Principal Information Security Consultant, you will be responsible for leading the Network and Security of Information Systems Regulations (NIS R) service-to-market proposition in the UK and Republic of Ireland, and report directly to the Head of Consultancy. This will include leading in the development of a service that helps existing and new clients meet their obligations under NIS R. This is a high-profile role within Gemserv where you will be expected to speak on behalf of the company in this specialist area, how NIS can integrate into Gemserv’s wider cyber security services, advise company Boards on their obligations and deliver high quality services to our clients.
Additionally, you will be responsible for supporting clients across many sectors (predominantly energy, transport & health) in complying with NIS R, and engaging with industry bodies, sector Competent Authorities (CAs) and Operators of Essential Services (OESs). More widely this role will require the successful candidate to work in partnership with Gemserv’s Business Development, Information Security, Cyber Security, Data Protection and Strategy and Communications teams to create and execute a commercially viable NIS R service.
- Lead on the development of the NIS R proposition and support the creation of a commercially viable consultancy service in the UK and Republic of Ireland
- Engage with industry stakeholders, including industry bodies, CAs and OESs to position our NIS R service and Gemserv’s broader Data Services expertise
- Partner with the Business Development & Strategy and Communications teams to promote the NIS R service and support the creation of sales opportunities through engaging stakeholders, networking and speaking at events
- Support the development of a capable team to deliver the NIS R service, including utilising existing information security resource
- Work with the wider project team to establish the NIS R service through a combination of marketing, thought leadership, speaking at events and hosting networking events
- Undertake consultancy assignments as required to deliver NIS R service across a range of industry sectors in the UK & Republic of Ireland, including Energy, Transport & Health; and
- Demonstrate technical knowledge of compliance frameworks that apply to NIS, including ISO27001, ISO22301, Cyber Essentials Plus, and how these frameworks will apply to wide range of OESs (including IT, industrial, operational and information systems)
Experience and Knowledge
- Experience of creating a consultancy service propositions and positioning within market sectors to support sales activity;
- Seasoned networking skills and experience of speaking at events, developing thought leadership and engaging with wider range of stakeholders;
- Experience in information security compliance from the following UK sectors; transport, health or energy (see also preferred organisations listed in section below);
- Consulting skills and deep expertise information security governance framework (including, IS27001, ISO23001, NIST, COBIT, Cyber Essentials Plus); and compliance related legislation and regulation, e.g. GDPR, S-Ox, PCI-DSS;
- Taking a risk based approach around information security compliance and controls across a broad range of technology covering networking, infrastructure and applications;
- Good knowledge of IT and communications systems architecture and design; and
- Experience delivering Board level reporting.
Skills and Qualities
- Combination of professional qualifications (e.g. CISSP, CISM, CISA, CRISC, Cyber Essentials Plus or similar), as well as extensive relevant experience;
- Experience of working with government, regulators and/or audit/assessment bodies would be desirable.
These include transport (DfT, CAA), health (DfH, NHS Digital), energy (Ofgem, BEIS), wider security (ICO, NCSC);
- Possess strong written and verbal communication skills with the confidence to build and manage relationships with senior stakeholders;
- Ability to travel to client sites; and
- Working in a professional services/consulting environment is desirable.
We are passionate about helping drive the energy market transformation and data revolution. We work right across our sectors, from government bodies to global blue-chip organisations and small independent companies.
The nature of what we do means we are very much a people business. The contribution every member of the team makes to our diverse range of experience, skills and personalities is valued.
We invest heavily in learning and development to enable our people to develop skills and gain experience which will enhance career prospects for life. Many who started their careers with us have rapidly progressed to more senior positions.
At Gemserv no two days are the same, but we believe in a flexible approach to working which we know our employees value. We also offer an attractive package of benefits in addition to highly competitive salaries including bonus scheme, pension and healthcare, season ticket loans, discounted gym membership, Cycle to Work scheme and more.
If you feel that you fit the above requirements and would like to hear more about being part of a growing organisation, then we would love to hear from you. Please submit your CV and application letter to us.