Our client is a leading global banking group looking for a senior Risk professional with experience managing Cyber Security issues from the 2nd Line of Defence, with specific responsibility for the non-London locations across Europe, the Middle East and Africa. The role will be London based with minimal travel requirements. You will act as a thought leader in the improvement and development of the relevant areas of the current Risk Framework, and will conduct Cyber, Information Security and IT Risk assessments across the EMEA businesses and their 3rd Party business integration points.
You will have hands-on experience in a similar Risk Management, Operational Risk or IT Audit role, demonstrate strong, core knowledge in this field and possess excellent stakeholder and relationship management skills. This role will better suit a Risk professional with strong Cyber Risk and Information Security knowledge rather than an IT / Cyber expert with limited risk knowledge.
Based within the highly regarded Risk Team, this is a key role with direct managerial responsibilities as well as strategic responsibility for elements of designing, building, implementing and embedding best practice risk management processes and procedures across the Bank.
You will be regarded as a Subject Matter Expert (SME) for Information Security Risk Management and will assist in the development of a comprehensive IT Risk, Cyber Threat and Operational Resilience framework to ensure compliance with regulatory requirements and adherence to industry best practices.
- Contribute to all aspects of Risk, Cyber and Information Security, drawing on expert knowledge, industry best practices and risk tolerance, in alignment with the business objectives.
- Stay aware of emerging IT, information security and cyber security trends to help determine if and when to integrate them into the risk framework program.
- Have a deep understanding of 2nd Line Risk Management and of the risks derived from cyber risk and information security (IS) concepts, information security awareness and third-party risk management processes, methodologies and practices.
Key responsibilities include:
- Ensuring all business entities across the EMEA region have an appropriate control environment for IT, Cyber Risk and Payments by reviewing and challenging the First Line Activities.
- Reviewing and challenging the processes through which business areas meet all relevant laws, regulatory rules and expectations for the management of IT, Cyber Risk and Payments (PSD2 regulations).
- Supporting the EMEA Head of Cyber Risk and IT by horizon spotting and helping the Bank keep ahead of the developing threat environment.
- Developing and implementing a comprehensive Risk Management / Cyber Threat and Operational Resilience framework.
- Contributing to all aspects of IT Risk, Cyber and Information Security, drawing on expert knowledge, industry best practices and risk tolerance, in alignment with the business objectives.
- Staying aware of emerging IT, information security and cyber security trends to help determine if and when to integrate them into the risk framework program.