Establish security governance and controls to protect the organization's information resources in the most effective and efficient manner, in pursuit of its business objectives.
Lead teams that internally assess and evaluate security controls, and make recommendations to senior management teams and governance committees to influence and implement the controls applied to the organization's information and technology systems.
Manage and assess the effectiveness and coverage of organizational Security Policies, ensuring they are up to date, complete, and aligned to business risk.
Partner with business stakeholders to identify high-risk third parties, monitor changes in the scope of their engagements, and audit them regularly in order to deliver improved risk outcomes.
Provide leadership, direction and guidance in assessing and evaluating information security risks, and in monitoring compliance with security standards and the appropriate policies (SANS, CIS, NIST, ISO 27001, Cyber Essentials, etc.).
Define and collect operational and assurance metrics for regular reporting to the Governance Committees and Executive Leadership Teams.
Challenge the effectiveness of Security Governance Committees, ensuring that all participants have the authority to make decisions.
Work with Internal Risk and Audit Teams, and External Parties as appropriate on required security assessments and audits.
Work with business leadership to build cohesive security and compliance programs to effectively address legislative and regulatory requirements.
Mentor and develop Governance, Risk and Compliance (GRC) team members, and provide professional development plans for all members of the team.
Support Chief Information Security Officers (CISOs) in the development and approval of investment strategies, security improvement plans, budgets and targets.