Join us as a Security Risk Manager
* In this key role, you’ll be working with the domain lead to define and manage Security policy, risk governance, policy assurance, and awareness
* We’ll look to you to lead the management of security risk across the Group and build extensive networks with other risk teams and working closely with second and third lines of defence
* It’s an opportunity to use your risk and security expertise to create a well evidenced security environment
* You will be responsible for leading a team of domain specialists
What you'll do
As a Security Risk Manager, you’ll stay abreast of industry good practise and changing regulations, finding ways to capture and explain these requirements in risk standards adopted across the bank. You’ll work with teams in Security, across the group and all three lines of defence to promote high standards of Security. Additionally, you’ll prepare and communicate complex Security principles to expert and non-expert audiences across the bank..
You’ll also be:
* Enabling a culture of continuous improvement and collaborating with others, focusing on automation, embedding and robustly measuring controls
* Making sure that decisions are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management
* Encouraging the identification of ideas and driving the delivery of initiatives that will reduce cost and simplify the bank
* Building and leveraging relationships with colleagues across the bank to ensure decisions made are commercially focused and create long term value for the bank
* Agreeing and delivering the security awareness strategy for the bank
The skills you'll need
To succeed in this role, you'll need experience of leading or delivering security consultancy. You'll also need excellent problem solving and technical skills, allowing you to work with our customers to create solutions that deliver for the business and are secure.
Additionally, you'll need:
* A relevant security qualification, such as a CISSP or equivalent
* The ability to lead teams of specialists, ensuring consistency in processes across multiple teams
* Experience of creating MI which demonstrates the value and efficiency of the processes we manage, and as a result recommending process improvements
* Experience in developing information security controls
* The ability to communicate technical issues in a clear and concise manner to senior stakeholders
* Knowledge of security good practices and risk frameworks