Reporting to the Head of Information Security Risk Management, you will be working as part of a wider team to ensure effective management of risk and control by the 1LOD. The remit extends across all aspects of IT security, i.e. policies, standards and procedures, authorization and administration of accesses, networks, servers and workstations, operating systems, databases and applications. The role proactively monitors and assesses the IT infrastructure/applications of the company to ensure that the confidentiality, availability, integrity and traceability of IT systems are maintained. It also requires the incumbent to foster close working relationships with other business areas and Business Unit IT and IT Infrastructure Production teams.
* Ensure the operational effectiveness of security controls commensurate with risk and appropriate to policies or standards.
* Verify security controls are mitigating business risks as expected.
* Verify security improvement and remediation activities will achieve or have achieved their objectives.
* Ensure IT governance routines are effective.
* Identify significant IT risks within projects from strategy and program information provided by the 1LOD.
* Maintain stakeholder relationships with Heads of IT Security, CCO Technology teams and Business Information Risk Officers (BIRO).
* Ensure threats are identified by 1LOD and responses managed into BAU and change activities.
* Verify incidents are identified and managed effectively.
* Have extensive and demonstrable information and cyber security risk and operational risk knowledge and experience.
* Strong IT Security technical skills across one or more of the following: databases, platforms, networking, Internet, business applications.
* Previous experience of managing information security risk activities such as Risk Assessment team, Security Engineering, Security Operations; or
* Subject Matter Expert or recognised specialist in one or more of these areas.
* Experience in dealing with complex matters by adopting a pragmatic approach, identifying core requirements from both a security and a business perspective and translating them into simplified activities that address the problem.
* Previous experience working in a Global Bank, particularly commercial and investment banking.
* Significant knowledge of Information Security Risk management processes, controls and operations.
* Ability to build relationships and influence key internal & external stakeholders.
* Relevant professional security qualifications, such as CISSP, CISM and CRISC, are preferable.
Morgan McKinley is acting as an Employment Agency in relation to this vacancy.