Information & Cyber Security - Centre of Excellence - Requirements Management
To support the Business lines with Cyber Security and Resilience, we are establishing a dedicated 1st line Information and Cyber Security ( ICS ) Centre of Excellence (COE). The COE will improve framework, controls, services and products and continuously improve cyber security resilience and support the Business via their Heads of ICS.
- The global utility will be established as a ICS COE to maintain sustainable processes for all Business and Function ICS requirements, covering Change and Business as Usual (- BAU- ) aspects. It will also be pivotal in
- Sharing of best practice across the Business lines to urgently reduce risk
- Facing off to the Business / Function / Regional Head of ICS (HICS) in support of their agenda across all ICS capabilities and requirements
ICS is a top priority and this role offers the opportunity to contribute and learn in a fast paced and evolving environment.
This is a new role will report directly HICS, COE, will support the HICS community to manage the following ICS capabilities:
1. Requirements Management
a. Maintain full inventory of ICS requirements - Policy, Regulatory, Industry
b. Map to Bank's Control Library
c. Maintain gap analysis and link to remediation plans
d. Interface with Chief Information Security Office (- CISO- ), Technology & Innovation (- T&I- ), STS, Compliance and HICS to ensure completeness of inventory of ICS requirements
e. Leverage existing inventory such as the obligations register where available and existing policy and standards
f. Publish material gaps to HICS for reporting to Non-Financial Risk Committees (- NFRCs- ) and track action plans. Other new / emerging ICS capabilities where applicable
Strategy :
- Ensure prioritisation and assisting the HICS community with oversight and remediation
- Identify changes required in terms of additional components, reprioritisation to anticipate and respond to changes emanating from the ICS drivers
Business :
- Maintain strong stakeholder engagement with CISO, STS MT, T&I MT, Risk & Compliance, and Group Internal Audit and COOs to ensure alignment across stakeholder groups
- Escalate appropriately to ensure necessary decisions are made in a timely manner
Processes :
- Drive continuous improvement across all ICS processes
People and Talent:
Risk Management :
Support the identification, assessment, monitoring, controlling and mitigation of ICS risks
- Adopt an anticipatory approach to risk assessment
Governance :
- Assist with timely and accurate reporting to appropriate risk committees
Regulatory & Business Conduct :
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across The Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Lead the ICS COE team to achieve the outcomes set out in the Bank's Conduct Principles: Fair Outcomes for Clients; The Right Environment.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key Stakeholders - Global Head Operations - Cyber, Data, Privacy and Automation - Global Head ICS - Head ICS, COE
- Accountable Executive, ICS TRP
- Head of Investment Delivery Assurance, ICS TRP
- Chief Operating Officers
- Security Technology Services MT
- Technology and Innovation MT
- Global Head Governance & Change, CIO
- Chief Information Security Office
- Head, Operational Risk Information Security
- Group Operational Risk
- Head, Audit - Information Security & Cyber
Didn’t find the job appropriate? Report this Job