The CISO team's goal is to keep our customers', colleagues', and organisation's data secure, through ensuring our technology, business processes and controls are secure by default and design, deploying key security capabilities, and through targeted training and awareness campaigns.
In support of this strategy, we have deployed a technical solution to take data from multiple sources which, when combined, will enable us to continuously monitor key controls set out in our policy and standards framework, and assure their appropriate implementation, function and effectiveness.
You will own the continuous control monitoring (CCM) service, define the strategy and future road map for development of the tool and the use cases it will support, and drive its adoption and implementation across the business. Key Responsibilities and Scope of role:
Take ownership of the end-to-end controls monitoring service, including: stakeholder engagement; definition and prioritisation of requirements, both functional & non-functional; service definition, development and implementation of supporting processes; and service management.
Build and implement the strategy for the collection of data, its enrichment and analysis to support, maintain and improve our controls assurance programme.
Ensure we utilise the gathered data to identify areas of risk, highlight control deficiencies and support their remediation, and provi...
Before you apply, we encourage you to learn more about Old Mutual Wealth
Be unique. Be authentic. However you prefer to say it, we really mean it. Our culture
embraces people’s diverse perspectives and creates a positive environment where everyone
belongs. We’re determined to build a better, more connected world for everyone.
Ensure we utilise the gathered data to identify areas of risk, highlight control deficiencies and support their remediation, and provide relevant dashboards and key management information to improve compliance and assurance activities and their respective reporting requirements (RCSA, KRIs, LoR, etc.).
Monitor and track usage of the dashboards and management information reporting for usefulness and effectiveness, and identify any required changes and improvements.
Work with the Continuous Controls Monitoring Specialist (part of the CISO team) to design, configure and maintain of a suite of platform based management information functionality, and manage the functionality and capability roadmap, analysing requirements and prioritising their development and release schedules.
Utilise the data from IT and information security toolsets to enhance our information security assurance programme with the delivery of bespoke, data driven, contextualised monitoring and reporting.
Build relationships across the business, provide demonstration sessions, design and deliver training, and help drive the implementation of the platform.
Key Behavioural Skills:
Focus on our values:
Innovate, take bold steps forward
Stand up for what's right
Question convention and stay curious
Use expertise to deliver on promises
Persevere to get the right outcome
Act with focus and care
Collaborate, learn from experience, and adapt
Share openly and transparently
Listen, to include new perspectives
Knowledge, Skills & Experience:
Previous experience working in a service management role.
Self-motivated and able to drive a sophisticated multifaceted assurance programme with minimal supervision.
You will understand the need for controls, and work with partners to monitor and improve their effectiveness.
Some experience of controls implementation and monitoring.
A good understanding of the need for data driven, objective assurance and reporting.
Strong relationship management and influencing skills, in particular at senior levels in a complex organisation.
An interest in information security, familiarity with ISO 27001, NIST or other security frameworks
Understanding of core information security principles, concepts and approaches.
Inclusion & Diversity:
We are committed to creating an inclusive culture which embraces diversity. We promote equal opportunities and ensure that no applicant is subject to less favourable treatment on the grounds of gender, marital status, nationality, ethnicity, age, sexual orientation, responsibilities for dependants, physical or mental disability. We select candidates for interview based on their skills, qualifications, experience and potential.
Contact the Recruitment Team
If you have a specific question about any of our vacancies please get in touch.