This role will support the delivery of Global Information and Cybersecurity (ICS) regulatory requirements across the organization.
Responsibilities
* Execution of regulatory deliverables, Request for Information (RFIs), audits and regulatory questionnaire submissions with a focus on ICS & Technology Risk within a specified time and schedule.
* Define communications (planning, scoping, issues) engagement with stakeholders (regulators, control owners, senior management) related to regulatory deliverables, RFIs, audits and regulatory questionnaire submissions.
* Engage with the IC S Policies and Standard team to map IC S and Technology standards to the regulatory requirements.
* Co‑ordinating and developing high quality and timely responses to requests for information, ensuring consistency and leveraging evidence where possible.
* Engage with the IC S controls testing team where application controls testing is required. Support and monitor identified issues and gaps.
* Support manage and monitor identification and remediation of issues and gaps in line with WTW controls and regulatory requirements.
* Engage with the IC S Risk Team to ensure that the identified risks are reported and managed in line with the risk processes.
* Support management reporting specifically around engagement status and issue management.
* Supporting wider team throughout the regulatory engagements.
* Contribute to the creation of and delivery of presentations and briefings as required for the key stakeholders.
* Generating reports for technical and non‑technical stakeholders, including the creation of documentation.
* Understanding wider IC S functions and better understanding their roles and responsibilities to support our delivery.
Cross‑Functional Collaboration
* Collaborate with other regulatory compliance functions – e.g. Audit, Compliance, and Privacy, tech partners – to track compliance across the organization and pool expertise on vague or complex regulatory requirements.
* Work with business units to ensure controls are effective and appropriately address to the relevant regulatory requirements they address.
* Facilitate in attesting and demonstrating compliance with relevant authorities, regulators and auditors during compliance assessment and/or audits.
Technology and Cybersecurity Regulatory Engagements Programs
* Collaborate in the developing and shaping regulatory engagement operating model and standard processes.
* Devise and upkeep templates and tools to assist in implementing various IC S regulatory engagement programs and reporting.
* Supporting the implementation, alignment to, maintenance and monitoring of controls following Information Security standard and framework.
What You’ll Bring
* Experienced in identifying and managing risk and compensating controls.
* Demonstrable experience in analyzing and applying regulatory requirements to security practices.
* Demonstrable experience in supporting the business to implement controls to meet and maintain compliance in a highly complex global organization.
* Strong project management skills and experience.
* Excellent writing, presentation, and communication skills.
* Experience of working with a high degree of autonomy, managing own workload and delivering tight timescales.
* Familiarity with other technology, cybersecurity, and privacy regulations would be beneficial.
* Excellent analytical problem‑solving skills.
* General knowledge of IT operations.
* Holistic understanding of risk processes and functions.
Qualifications
* Ideally qualified to degree level, in IT or security related subject.
* Ideally extensive years of work experience in Information Security, Information Technology or Risk.
* Information security certifications (e.g. CISSP, CCSP, CISA, CRISC, CISM, ISO 27001 LA) are preferable.
* Project Management certification (e.g. PMP) is also preferable.
Behaviours
* Good communication skills.
* Global team player with good interpersonal and influencing skills.
* Customer focus and relationship management.
* Good analytical skills – ability to review and challenge materials produced by colleagues.
* Delivery focused, possessing high levels of resilience and determination.
* Ability to manage multiple, and changing, priorities.
* Strong desire to continue to learn.
#J-18808-Ljbffr