Head of Cyber GRC

Job Description

The VacancyWinterflood Securities has created an exciting new role to assume ownership of Cyber Governance, Risk and Compliance (GRC). The incoming Head of Cyber GRC will be responsible for analysing, developing and maturing Winterfloods Cyber and Information Security Governance, in line with deliverables achieved during, or roadmapped by, Winterfloods recent Cyber maturity programme, whilstaligning with industry-standard frameworks. The role extends to the planning, delivery, and oversight of key related programmes and workstreams associated with Winterfloods Cyber strategy. Key Responsibilities

• Provide leadership for maintaining and developing information security policies, procedures and standards in line with business needs, assisting the business to interpret and apply the framework.
• Ensure all changes to policies, procedures, projects and regulations are fully embedded within the business and, where appropriate, that the appropriate testing is undertaken
• Develop dashboards / reports to provide visibility to Winterflood and Group Management of Winterfloods security situational awareness.
• Deliver cyber and information security governance messaging to internal committees up to Board level
• With assistance/input from the Head of Information Security and Group CISO, advise management on meeting cyber security requirements, and on any changes to relevant regulations/compliance.
• Support internal and external audits on information security topics, including the tracking and management of associated actions to completion.
• Maintain the cyber security corrective action plan/Cyber Roadmap ensuring ongoing review of actions to be completed in line with Winterfloods risk appetite and ensuring that owners complete actions by the agreed target dates.
• Providing support to local teams covering all aspects of their cyber risk, audit and incident management activities.

Engagement and Delivery

• To offer assistance to senior stakeholders in the delivery of key objectives within the scope of Cyber programme and BAU work.
• To demonstrate a strong degree of flexibility and willingness to work closely with different areas of the business to deliver exceptional results for the wider IT team.
• To engage with external parties where required to discuss, negotiate, and gain a general understanding of delivery requirements and associated deadlines.

Essential Skills & Experience

• Recognised industry certification (Examples - Certified Information Systems Manager (CISM), Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP)) or equivalent experience
• Previous experience working with or deploying NIST, FSSCC (CRI), or equivalent frameworks
• Experience working within a cyber and/or information security governance team in the first or second line, ideally using an ISMS or equivalent
• Experience responding to and working with audit teams
• Working knowledge of technical infrastructure, networks, databases and systems
• Understanding of Operational Resilience
• Highly detail focused with an excellent technical writing style
• Excellent communication skills and ability to build a good rapport with colleagues.
• Pro-active can-do attitude with excellent problem-solving capabilities
• Excellent time keeping and prioritisation skills including project management and delivery.
• A willingness to seek out and better understand regulatory practises in the Financial Services industry and understand their relevance to Winterflood
• A good working knowledge of Microsoft Office products (Excel, Word, PowerPoint, and MS Project)

Personal Attributes

• Strong attention to detail, ability to carry out analysis and present in a meaningful way
• Collaborative mindset with a willingness to engage with a range of stakeholders
• Commitment to continuous personal development
• Ability to think ahead and anticipate situations
• Strong articulation skills and writing ability
• Ability to multi-task, work well under pressure and use own initiative

Company BenefitsSalary - competitive

• Discretionary annual bonus & annual pay review
• Work Abroad Policy for up to 15 days per year
• 25 days holiday plus bank holidays and additional well-being day
• Option to purchase an additional 5 days holiday per year
• Flexible working options available, including hybrid working
• Pension scheme up to 10% employer contribution
• Sharesave scheme
• Income Protection & Life insurance (4 x salary core level of cover)
• Private health care via BUPA
• Employee Assistance Programme
• Discounted Gym Membership
• Variety of travel to work schemes

Company benefits are provided on completion of either six months service, or a successful probation period whichever is sooner. Entitlement outlined above is in respect of full-time entitlement, and will be provided to part-time workers on a prorated basis in accordance with the relevant scheme rules. All benefits are subject to rules of the scheme and associated provider. The Company in its sole and absolute discretion reserves the right to discontinue, vary or amend any of the aforementioned benefits. At Close Brothers we look to recruit individuals from all different backgrounds and encourage you to apply even if you dont tick every box. We celebrate diversity, promote inclusivity and are open to discuss flexible work options to help you balance your workand home life.