We are looking for a Director of Cyber Security for one of our clients within a financial services organization. As the Director, Cyber Security and Risk Management, you will play a key role in maturing, expanding and optimizing the organization’s cyber security and information risk management capabilities globally while positioning the organization to be agile and ready to respond to the ever-changing security risks.
- Contribute to the cyber security strategy. Lead the development and delivery of the cyber security and IT risk management plan as well as managing enterprise-wide security programs and risk management initiatives.
- Liaise with internal stakeholders across all regions and external partners, suppliers, and managed service providers in order to promote security, provide oversight to business continuity and disaster recovery risk mitigation and to ensure that information assets and systems are managed in a manner which is legally compliant, secure and consistent with industry best practices.
- Develop, maintain and socialize the global information security policy framework
- Build and lead the delivery of a structured security awareness and training program to promote awareness about security risks and encourage the adoption of security policies and practices across the enterprise
- Work with IT and business leaders to define and present metrics and dashboards that effectively communicate security maturity and progress of the security program
- Develop a common framework and centralized repository to enhance proficiency in managing multiple client audits and due diligence requests as they pertain to security, risk and compliance
- Keep abreast of technology evolutions, risks on the radar, and the changing threat profile, and proactively assess and advise the stakeholders about their impact on our environment and corporate risk profile
EDUCATION / ACCREDITATION:
- Undergraduate degree ideally in information security, computer science or related field
- 8 years of Information Security experience
- Security qualifications such as CISP/CISA/CISM/CRISC
- Knowledge of security frameworks including ISO 27001/2, NIST, COBIT
- Demonstrated experience of data protection, security, risk and compliance related matters – preferably gained within a data centric and/or financial services environment
- Experience of security governance and compliance in organizations that rely on an outsourced model
- Proven success gaining buy-in from decision makers and stakeholders across IT and the business
- Sound decision maker who can rationalize between difficult choices on technical merit and real risks
- Excellent written and verbal communication skills as well as interpersonal and collaborative skills
- Ability to thrive in a fast-moving environment, with high tolerance for change
- Leadership/management experience