This role forms part of the London based IT and Information Security organisation and provides support to the Cyber GRC leadership function. The Cyber GRC Lead works closely with the CISO organisation, Risk Management and Compliance teams to deliver cyber risk governance, assurance and reporting across EMEA in support of regulatory and Group requirements.
Role;
- key leadership role in the delivery of cyber and information security assurance across EMEA
- Owns the oversight of cyber risks and issues impacting regulatory compliance across multiple jurisdictions
- Leads the preparation of cyber risk and assurance reporting, including remediation planning and action tracking
- Oversees audit, regulatory and risk management actions and responses
Responsibilties:
- Lead and coordinate cyber governance, risk and compliance reporting across EMEA
- Own and enhance the EMEA Information and Cyber Security Governance Frameworks, ensuring alignment to regulatory expectations and the evolving threat landscape
- Drive and challenge remediation activities, tracking progress to completion
- Own the intragroup cyber governance framework for services provided and received
Skill:
- Cyber security governance frameworks and industry standards such as NIST, ISO 27001, COBIT and ITIL
- Cyber risk and performance management, including control design, metrics and compliance oversight
- Producing high quality written material and presentations for senior management and regulators
- Senior stakeholder engagement across technology, risk and control functions
