Information Security Officer - Banking London
Permanent
MUST HAVE PREVIOUS BANKING EXPERIENCE TO BE CONSIDERED
The Information Security Officer works within the Information Security Office of the Bank to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. Where improvements are needed, the ISO will contribute to the Information/Cyber Security Strategy and Roadmap, enabling both defence-in-depth and, where appropriate, defence-in- breadth to safeguard normal banking operations.
The ISO will collaborate closely with Security Engineering, Security Operations, and Business Resilience Teams across the bank
It ensures that Executive Management's risk targets are met and contributes to the continual improvement of the Bank's Cyber Assurance Framework, enhancing the control measures that defend the Bank.
Advise business units on security-related issuesand initiatives.
Oversee Second Line projectactivities to evaluateinformation security risksfor new projects, products, systems, and other significant changes within the bank.
Supervise the resolution of risks and issues identified during audits or external assessments.
Develop, review, and maintaininformation security governance documents, including policies, standards, frameworks, and procedures.
Create and deliver Information/Cyber Security Awareness training, educating NBKI staff on best practices.
Provide regular updates and reports to the Information Security Management System (ISMS) governance committee.
Support the ISO in annual budgetingand planning.
Relevant Information Security qualification (degree, CISSP, or CISM) obtainedor in progress.
Strong technical acumen with broad knowledgeacross Information/Cyber Security, Software Development, and IT systems.
Willingness to learn and expand skillsin both Information Security and Financial Services.
Ability to work autonomously and flexibly withina team, contributing to an improved Bank security posture.
Analytical skillsto interpret data and provideinsights into threatsfacing the bank.
Awareness of common Cyber Incidents and Security breaches(OWASP).