To support the Business lines with Cyber Security and Resilience, we are establishing a dedicated 1st line Information and Cyber Security (- ICS- ) Centre of Excellence (- COE- ). The COE will improve framework, controls, services and products and continuously improve cyber security resilience and support the Business via their Heads of ICS.
The global utility will be established as a ICS COE to maintain sustainable processes for all Business and Function ICS requirements, covering Change and Business as Usual (- BAU- ) aspects. It will also be pivotal in
- Sharing of best practice across the Business lines to urgently reduce risk
- Facing off to the Business / Function / Regional Head of ICS (- HICS- ) in support of their agenda across all ICS capabilities and requirements
ICS is a top priority and this role offers the opportunity to contribute and learn in a fast paced and evolving environment.
This is a new role will report directly HICS, COE, will support the HICS community to manage the following ICS capabilities:
1. Regulatory Exam
a. Coordinate responses to regulatory exams with HICS
b. Interface with all service providers including STS, Technology & Innovation (- T&I- ), Third Party Security Assessment (- TPSA- ), Resilience, CISO in order to accurately and efficiently complete reports
c. Ensure remedial actions are prioritized into requirements
d. Maintain an inventory of regulatory responses from the first line to expedite future responses
e. Perform gap analysis between regulatory requirements and current SC control standards
f. Agree SLAs with stakeholders and regularly report status, escalate slippages accordingly
g. Face off to Regional / Business / Function HICS who are accountable for successful completion by providing regular status reporting
h. Comply with the pre-submission review process for ICS regulatory obligation returns
i. Maintain a forward-looking timeline of obligations and resource requirements
j. Continuously seek to improve the process with stakeholders
2. Other new / emerging ICS capabilities where applicable
Strategy
- Ensure prioritisation and assisting the HICS community with oversight and remediation
- Identify changes required in terms of additional components, reprioritisation to anticipate and respond to changes emanating from the ICS drivers
Business
- Maintain strong stakeholder engagement with CISO, STS MT, T&I MT, Risk & Compliance, and Group Internal Audit and COOs to ensure alignment across stakeholder groups
- Escalate appropriately to ensure necessary decisions are made in a timely manner
Processes
- Drive continuous improvement across all ICS processes
People and Talent
Risk Management
Support the identification, assessment, monitoring, controlling and mitigation of ICS risks
- Adopt an anticipatory approach to risk assessment
Governance
- Assist with timely and accurate reporting to appropriate risk committees
Regulatory & Business Conduct
- Display exemplary conduct and live by the Group's Values and Code of Conduct.
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across The Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
- Lead the ICS COE team to achieve the outcomes set out in the Bank's Conduct Principles: Fair Outcomes for Clients; The Right Environment.
- Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key Stakeholders - Global Head Operations - Cyber, Data, Privacy and Automation - Global Head ICS - Head ICS, COE
- Accountable Executive, ICS TRP
- Head of Investment Delivery Assurance, ICS TRP
- Chief Operating Officers
- Security Technology Services MT
- Technology and Innovation MT
- Global Head Governance & Change, CIO
- Chief Information Security Office
- Head, Operational Risk Information Security
- Group Operational Risk
- Head, Audit - Information Security & Cyber
Didn’t find the job appropriate? Report this Job