Coordinate and deliver information security risk management program including: participation in broader risk management activities for the enterprise and the development, evaluation, and adherence to multiple areas of practice such as vulnerability management, vendor (third-party) and information security risk management Drive information security improvements within the UKI regions using KRI's / OSI's as necessary. Represent GSO at UKI Risk Management Committee (RMC), Regional Security Forums and at UKI Board Meeting's Serve as a regional point of escalation for remediation/mitigation efforts with respect to Information Security Develop security improvement programmes and approach in consultation with regional CIO, CTOs and business stakeholders Liaise with regional IT, Internal and External Audit, Clients to identify, track and provide remediation guidance for new projects, services and/or third-party contracts in terms of information security assurance Serves as the intake on regional security related inquiries and coordinating with global GSO Subject Matter Experts
•5+ years of security governance, risk, vulnerability management, security and compliance management experience • Prior experience with security policy, standards, and controls definition including ITGCs. • Strong knowledge of current and emerging cyber security risks, and innovative risk management methods • Ability to collaboratively develop a security risk improvement programme in conjunction with stakeholders • Strong analytical thinking, written, and oral communication and presentation skills • Demonstrated knowledge of industry authoritative sources such as COBIT, NIST, and ISO standards. • Must have the ability to influence others and work at all management levels across the organizational structure • Experience of matrix managing projects/team • Broad understanding of security concepts, including security certifications like CISSP, CISM • Experience working in an international/global organization
Be unique. Be authentic. However you prefer to say it, we really mean it. Our culture
embraces people’s diverse perspectives and creates a positive environment where everyone
belongs. We’re determined to build a better, more connected world for everyone.