I hope you’re okay! Are you ready for your next professional adventure?
We share your motivation to progress your career and achieve your ambitions – so we want to let you know about the latest Cyber Delivery Assurance Lead- London role. Check out the details for this vacancy, with a world-leading airline company, below:
Location: Waterside, London
Contract ended: 12 months
Hours: Monday to Friday (37.5 hours a week)
Rate: £700- £725 per day through UMBRELLA (Inside IR35)
Job purpose:
* This role reports to the Head of Cyber & IT Risk, workingclosely with BA Tech DeliveryTeams, the BA Cyber Team and the IAG CyberSecurity Office. Act as the BritishAirways Cyber representative on product delivery and operate as part of “product” teams, providing advice on the implementation of cyber security policies and standards across all releases and on-going maintenance.
Accountabilities:
* Provide assurance to the Head of Cyber & IT Risk that product delivery and maintenance meet’s BA’s risk appetite and that controls are operating effectively.
* Successfully embedding security by design with proportionate appropriate cyber controls aligned to risk.
* Senior stakeholder management (negotiation and influencing) across multinational organisations, including third party suppliers and delivery partners.
* Take full responsibility for the secure delivery of programmes, by assisting the product team by interpreting and embedding Cyber Security policies, standards, guidelines and procedures to an agreed framework against all product team deliverables.
* Engage proactively with the IAG Cyber Security Office (CSO) project assurance and architecture functions, ensuring consistency and best cyber practice is adhered to.
* Provide authoritative advice and guidance on the application and operation of all types of security controls including legislative or regulatory requirements.
* Advise users on risk management and reduction and promote awareness in conjunction with cyber awareness programmes.
Skills
* Ability to undertake threat and risk assessments across varied technology stacks, identifying suitable mitigating controls.
* Demonstrates clear leadership and an ability to communicate, influence and persuade across the organisation at senior levels, leading by example and aligning stakeholder groups around a common vision.
* Initiates and manages change to help secure the future direction of BA.
* Prioritisation across multiple products, based on overall product team structure and delivery strategy.
* Strong ability to work under pressure in a changing environment
Qualification
* Broad technical knowledge of cyber security controls demonstrated by attainment of appropriate qualifications e.g. CISSP, ISO27001 Lead Implementor or relevant SANS GIAC or equivalent
* Knowledge of the NIST framework, PCI DSS, GDPR and NIS as well as NCSC cyber guidance.
* Experience working in an agile delivery environment would be highly advantageous.
* Specific cyber knowledge and demonstrable experience in at least one of the following areas: Cloud security, network security, digital security (multi-platform), infrastructure security, security by design, security architecture
* Experience working in a regulated environment with specific cyber requirements that require interpretation and application.
Key performance indicators
* Collaborative engagement in programme and product governance to ensure secure delivery.
* Regular, accurate updates to stakeholders on security deliverables for programmes and products.
* Identify, report and manage cyber security risks and exceptions for products throughout their lifecycle.
Start Date
ASAP
Interested in applying? Just reply with an up-to-date copy of your CV to get the ball rolling.
Or if it is not quite right for you, but you have someone in mind for the role – please let me know.