Head of Cyber Security, Risk, Governance & Compliance - Sheffield / Remote
My client are looking for a senior IT / Security leader who has extensive experience in risk, governance & compliance (GRC).
In this role you'll be responsible for delivering and operating an information and cyber security risk management and governance framework across the group. This will include ensuring that there is a robust information and cyber security controls framework in place, a process to test its effectiveness and reporting and metrics in place to demonstrate effectiveness to key stakeholders.
Additional responsibilities include:
- Developing and sustaining ongoing relationships to maintain visibility of the Business and IT information and cyber security risks and risk appetite.
- Using the risk appetite to set appropriate ICS Policy and Standards.
- Designing and completing appropriate second line of defense assessment and testing.
- Using the results of the assessments and other key organization inputs to continuously improve the risk management framework and supporting Policy and Standards.
- Owning internal relationships with Compliance and Operational Risk and other key Risk areas to ensure all processes are aligned to Group standard where appropriate.
- Develop a reporting framework to demonstrate control effectiveness and ongoing improvements
- Develop and sustain strong relationships with the IT and business, understanding their needs and enabling them to deliver to our external customers in an efficient and effective manner.
- Guide relevant senior management and business units in the development, implementation and maintenance of information and cyber security controls.
The successful candidate will have:
- Experience in Information and Cyber Security Risk Management and designing and delivering against an ICS Risk Management Framework.
- Broad experience working in a banking/financial institution environment or other highly regulated environment
- Strong interpersonal and communication skills, particularly communicating technology related issues/details to non-technical audiences.
- University degree in related field, MSc Information Security or relevant security qualifications (CISSP, CISM etc..)
This role is paying up to £100,000 + bonus & package. It will be fully remote during Covid, with sporadic onsite travel 1 day every 2 weeks to Sheffield once things have blown over. This includes a fully remote recruitment process.
This is a fantastic opportunity to work alongside a great CISO, in which you will have the autonomy to shape and grow my clients risk function through an exciting security transformation.
If this role would be of interest to you or if you would like to discuss the role in more detail, then please apply to the advert and I will be in contact to give you more detail.