Life on the team
We are now looking for a Cyber Strategy & Portfolio Manager within our GIS Security Management Office.
As the Cyber Strategy & Portfolio Manager, you play a critical role in the SMO, directly supporting the CISO. You are responsible for overseeing cybersecurity transformation initiatives, ensuring alignment with strategic cybersecurity priorities, and enhancing Computacenter's security posture and resilience. Your role involves aligning cybersecurity strategy with the business goals, evaluating security initiative options, and supporting the prioritisation of changes.
What you'll do
Role Overview: The Cyber Strategy & Portfolio Manager will ensure alignment of cybersecurity projects with the overall cyber strategy and objectives.
Portfolio Management (80%)
* Evaluate and Adjust Strategy: Continuously assess and inform the Head of SMO and CISO of necessary strategy adjustments to address new threats, evolving technologies, and regulatory changes.
* Align Initiatives: Ensure all transformation initiatives align with the overarching cyber security strategy and objectives.
* Impact Assessment: Identify and address the impact of portfolio initiatives on policies, control scoring levels, and other cyber requirements.
* Monitor Progress: Oversee the progress of initiatives to ensure they meet objectives and provide value.
* Provide Artifacts: Deliver clear, accurate, and reliable information to the Head of SMO and CISO.
* Leverage Reporting Platform: Use the Security Reporting Platform to prioritize activities, oversee project progress, and realize benefits.
* Engage in Prioritisation: Participate in projects influencing prioritization and cyber risk impact.
* Meetings: Actively lead in Security Portfolio Review Meetings to assess portfolio progression and alignment with security capabilities.
* Stakeholder Engagement: Understand and address stakeholder needs, expectations, and priorities.
* Communicate Decisions: Clearly communicate the rationale behind portfolio prioritization decisions and manage expectations.
* Feedback and Improvement: Provide feedback to improve future portfolio initiatives and outcomes.
* Metrics: Evaluate KPIs to measure the effectiveness and progress of the cyber security portfolio.
* Develop Roadmap: Create and implement a cyber transformation roadmap aligned with strategic objectives and risk appetite.
* Generate Reports: Produce relevant reports on the cyber security portfolio.
* Communicate Value: Use insights and reports to demonstrate the value of transformations, securing stakeholder buy-in and commitment.
Business Engagement (20%)
* Collaborate with Capability Owners: Identify project value to support CMMI scores.
* Coordinate with GIS Functions: Ensure communication of portfolio initiatives aligns with CISO requirements.
* Engage Key Stakeholders: Work with management, business units, and IT teams to ensure alignment and support for cyber security initiatives.
* Manage Expectations: Maintain regular and effective communication and collaboration to manage stakeholder expectations.
What you'll need
* Minimum 4 years of professional experience in an Information Security / Cyber Security function.
* Leadership and strategic thinking
* Ability to collaborate with cross-functional teams.
* Strong people skills and the ability to build relationships with stakeholders at all levels of the organisation.
* Awareness and understanding of security strategy and its drivers and goals.
* Ability to measure and suggest security investments based on cost-benefit analysis.
* Ability to consistently evaluate prioritisation decisions.
* Strong organisational and time management abilities.
* Familiar with regulatory requirements and industry standards related to cybersecurity.
* Excellent written and verbal communication skills.
* Excellent PowerPoint skills.
* Awareness and understanding of GIS operating model.
* Awareness of GIS adopted frameworks and processes including ITIL, SAFe, DevSecOps, etc.
Key Technical Skills (SFIA Codes where applicable)
* Cybersecurity frameworks inc. NIST CSF, and Secure Controls Framework SCF
* Information security standards inc. GDPR, SOC 2 and ISO27001