Owner at Sourcing Solution Technologies
Views:2514 Applications:68 Rec. Actions:Recruiter Actions:24
Senior Role - Information & Cyber Security - Centre of Excellence - SBIA - Bank (8-20 yrs)
- To support the Business lines with Cyber Security and Resilience, we are establishing a dedicated 1st line Information and Cyber Security (ICS- ) Centre of Excellence ( COE ). The COE will improve framework, controls, services and products and continuously improve cyber security resilience and support the Business via their Heads of ICS.
The global utility will be established as a ICS COE to maintain sustainable processes for all Business and Function ICS requirements, covering Change and Business as Usual (- BAU- ) aspects. It will also be pivotal in
- Sharing of best practice across the Business lines to urgently reduce risk
- Facing off to the Business / Function / Regional Head of ICS (- HICS- ) in support of their agenda across all ICS capabilities and requirements
ICS is a top priority and this role offers the opportunity to contribute and learn in a fast paced and evolving environment.
This is a new role will report directly HICS, COE, will support the HICS community to manage the following ICS capabilities:
1. Security Business Impact Assessment ( SBIA )
a. Operate annual S-BIA process for all applications
b. Maintain the Information Asset ( IA ) Inventory and ratings
c. Prepare reporting on IA and Information System S-BIA ratings
d. Conduct training and awareness sessions for users
e. Operate the S-BIA tool as administrator
f. Maintain and enhance the tool
g. With IA Owners, maintain the justification for ratings
h. Interface with CMDB team to ensure the appropriate ratings are reflected in the golden source
i. Face off to CISO Policy team regarding changes to IA and S-BIA. Other new / emerging ICS capabilities where applicable
- Ensure prioritisation and assisting the HICS community with oversight and remediation
- Identify changes required in terms of additional components, reprioritisation to anticipate and respond to changes emanating from the ICS drivers
- Maintain strong stakeholder engagement with CISO, STS MT, T&I MT, Risk & Compliance, and Group Internal Audit and COOs to ensure alignment across stakeholder groups
- Escalate appropriately to ensure necessary decisions are made in a timely manner
- Drive continuous improvement across all ICS processes
People and Talent
- Support the identification, assessment, monitoring, controlling and mitigation of ICS risks
Adopt an anticipatory approach to risk assessment
- Assist with timely and accurate reporting to appropriate risk committees
Regulatory & Business Conduct
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Lead the ICS COE team to achieve the outcomes set out in the Bank's Conduct Principles: Fair Outcomes for Clients; The Right Environment.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key Stakeholders - Global Head Operations - Cyber, Data, Privacy and Automation - Global Head ICS - Head ICS, COE
- Accountable Executive, ICS TRP
- Head of Investment Delivery Assurance, ICS TRP
- Chief Operating Officers
- Security Technology Services MT
- Technology and Innovation MT
- Global Head Governance & Change, CIO
- Chief Information Security Office
- Head, Operational Risk Information Security
- Group Operational Risk
- Head, Audit - Information Security & Cyber
This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.