Information Security Risk Manager - Senior
Information Security Risk Manager - Senior - 2nd line of Defence Role Purpose You will be responsible for developing and maintaining the ISR (Information Security Risk) team's relationship with several other lines of business, globally as well as regionally, with a focus on global banking and commercial baking teams. You will ensure your department supports the other lines of business with their Information Security Risk posture and ensure that they are challenged when their risk appetites are breached. You will primarily liaise with the CIO functions for each of these business functions and you will be responsible for challenging, advising and guiding the respective IT functions on the effective management of their information and cyber security risks. (Relationships with the IT CIOs will be managed jointly with the global ISR Managers.) You will ensure the teams' activities are aligned to the business operational risk management framework, which includes oversight of Technology's 1st Line of Defence and; Key IT technology programmes and initiatives Information and cyber security incidents Cyber threats and threat mitigation Information security awareness initiatives Providing support for large change programmes within Technology amongst others. Key Accountabilities Liaising with senior managers to understand the current risk landscape, and to follow-up on any respective risk management / mitigation duties. Maintaining on-going visibility of IT key initiatives and helping to prioritise Information Security Risk oversight, according to risk. Increasing the understanding of information risks within the IT functions by explaining these in business terms. Helping IT functions ensure that they are kept within their risk appetite by recommending mitigating actions. Supporting the IT functions in the root-cause-analysis process and guide them to ensure relevant information security risks and controls are included in the process. Providing 2 Line of Defence visibility on current threats, mitigation, intelligence, cyber security and incident management. Work with all areas of ISR, locally and globally, to develop an engagement framework that allows the ISR function to: Reduce duplication of effort and ensure best use of scarce ISR resource To have single / globally aligned frameworks To have single / globally aligned risk model To standardise and globalise were feasible without losing coverage for regional or local processes Establish processes to ensure compliance with all internal and external regulations Information Security Risk Manager - Senior - 2nd line of Defence McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.