You will have prior experience in a complex and evolving environment in regulated financial services across different regions and jurisdictions.

Responsibilities:

• Support in the development and improvement of the group information security management system.
• Support in delivery of initiatives to mature security controls, services and processes.
• Support in building effective governance and oversight of security controls and services.
• Support in the delivery of the Information Security strategy.
• Support in the operation of the Group Information Security committees.
• Contribute to the management of Information & Cyber Security risk.
• Contribute to the development and maintenance of formal security documentation (i.e. policies, standards).
• Provide central services in support of in-region security teams.
• Support in the assessment, analysis, communication and reporting of information and cyber security risks to the appropriate audiences.
• Support in the creation and delivery of security reporting and MI.
• Support in the development and delivery of consistent global services that enable delivery of the business goals.
• Support in the management of policy and standards exceptions.
• Maintain Information & Cyber Security data within the company GRC solution

Requirements:

• Strong Information Security experience.
• Good knowledge of the practical implementation of information security and risk frameworks such as NIST CSF, ISO27001, NIST 800-53 and COBIT.
• Good knowledge of auditing frameworks such as ISAE3402 and SOC2.
• Experienced in managing security risk.
• Experience in developing and managing formal security documents.
• Proven ability to manage internal stakeholders.
• Good ability to communicate information security and risk concepts to stakeholders at all levels.
• Professional Information Security qualification such as CISSP, CISM, CISA, CRISC.