Social network you want to login/join with:
The role: Cyber Delivery Assurance Lead
Join our team as a Cyber Delivery Assurance Lead, where you'll play a pivotal role reporting to the Head of Cyber Delivery Assurance. Collaborating closely with Digital Delivery leadership and teams, the Cyber Team, and the Cyber Security Office, you'll oversee multiple domains or tribes, ensuring effective assurance processes and embedding security within our operations.
What you’ll do:
1. Provide assurance to the Head of Cyber Delivery Assurance that product delivery and maintenance meet the company's risk appetite and that controls are operating effectively.
2. Successfully embed security by design with proportionate appropriate cyber controls aligned to risk.
3. Manage senior stakeholder relationships (negotiation and influencing) across multinational organizations, including third-party suppliers and delivery partners.
4. Take full responsibility for the secure delivery of programmes by assisting the product team in interpreting and embedding Cyber Security policies, standards, guidelines, and procedures into an agreed framework against all product team deliverables.
5. Engage proactively with the Cyber Security Office (CSO) project assurance and architecture functions, ensuring consistency and adherence to best cyber practices.
6. Provide authoritative advice and guidance on the application and operation of all types of security controls, including legislative or regulatory requirements.
7. Advise users on risk management and reduction, and promote awareness in conjunction with cyber awareness programmes.
What you’ll bring:
1. Ability to undertake threat and risk assessments across varied technology stacks, identifying suitable mitigating controls.
2. Demonstrates leadership and the ability to communicate, influence, and persuade across the organization at senior levels, leading by example and aligning stakeholder groups around a common vision.
3. Initiates and manages change to help secure the company's future direction.
4. Prioritization skills across multiple products, based on overall product team structure and delivery strategy.
5. Strong ability to work under pressure in a changing environment.
Key enablers:
Enabling the company to embed security by design, supporting active risk management.
Key performance indicators:
To be defined based on role-specific metrics.
Your experience:
1. Broad technical knowledge of cyber security controls demonstrated by appropriate qualifications such as CISSP, ISO27001 Lead Implementer, SANS GIAC, or equivalent.
2. Knowledge of frameworks and standards like NIST, PCI DSS, GDPR, NIS, and NCSC cyber guidance.
3. Experience working in an agile delivery environment is highly advantageous.
4. Specific cyber knowledge and demonstrable experience in areas such as Cloud security, network security, digital security (multi-platform), infrastructure security, security by design, or security architecture.
5. Experience working in a regulated environment with specific cyber requirements that require interpretation and application.
#J-18808-Ljbffr