Head of Governance and Risk 12-month contract

Job Description

Job title: Head of Governance and Cyber Risk Role type: Contract (12 months) Department: IT Security Location: EMEA Company overviewNomura is an Asia-based financial services group with an integrated global network spanning over 30 countries. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three businessdivisions: Retail, Asset Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For furtherinformation about Nomura, visit www.nomura.comDepartment Overview:Key objectives critical to success:We are seeking an experienced Governance & Cyber Risk Management Expert who will lead in the following areas:

• Support the Global Head of Cyber Security, working in coordination with regional Head of Cyber Security
• Take key learnings from regulator findings, relating to policy, standards, and the Cyber Risk framework, to improve thematically the approach to Cyber Risk Management, ensuring it meets industry best practice.
• Understand key business, Cyber Risk and strategies within the Bank to ensure the Cyber Risk strategy aligns with and supports the wider strategies within the Bank.
• Ensure Cyber Risk Management is aligned to existing frameworks and programmes with enterprise Cyber Risk and operational Cyber Risk.
• Assess the current framework, KRI metrics, processes etc. pertaining to Cybersecurity operational KRIs and provide recommendations on missing parameters and improvement plans.
• Support and embed practices for the effective and timely reporting to appropriate risk committees on the evolution and progress of the Risk Strategy and regular status updates for reporting to the CISO.
• Help the organization in building board level cybersecurity KRIs
• Develop operational & executive reports and dashboards to provide an update on risk posture to key stakeholders, risk owners and leadership team.

Stakeholder Management and Business Alignment* Build trusted working relationships with other security functional heads, Cyber Risk and compliance counterparts, and business unit stakeholders. * Understand the impact of our deliverables on the business including ensuring a cost / benefit analysis is conducted to ensure service value add is understood.Regulatory and Business Conduct* Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Codeof Conduct.* Effectively and collaboratively identify, escalate, mitigate and resolve Cyber Risk, conduct and compliance matters.* Demonstrate leadership ability to ensure that the team achieves the outcomes set out in the Banks Conduct Framework and Principles.* Provide ongoing reporting of Cyber Risk exposure into governance meetings and to key stakeholders and escalate any blockagesSkills, experience, qualifications and knowledge required:

• Ability to create effective work relationships across functions & borders
• Understanding of the regulatory environment and developments related to the financial services industry
• Strong change management, stakeholder and relationship management experience, ideally from within Financial Services industry
• Sound knowledge of Cyber Risk governance frameworks & processes
• Analytical / critical thinking skills
• 7+ years experience in financial industry in areas of Risk and Governance
• Experience with risk-based decision making and risk-treatment processes
• Excellent communicator towards Executives
• Previous experience in a similar role, responsible for the Cyber Risk framework strategy
• Experience in a senior role in Cyber Risk and/or governance
• An understanding of high-level cyber threat scenarios and how they can contribute to the development of a threat focused Cyber Risk framework
• Politically aware, able to facilitate outcomes where priorities and personalities are in conflict.
• Communication Skills: o Excellent English oral and written skillso Ability to communicate and explain complicated Cyber Risk issues to business stake holders in across the Bank in a simple and business-friendly wayo Ability to construct and produce complex Cyber Risk reporting governance materials in a business-friendly way
• A self-starter, able to take initiation, to navigate within the approved parameters to work out a sensible and practical recommendation or decision
• Embrace the value of cultural diversity

Desirable

• ISACA CISA, CRISC, CISM, CISSP certified and currently maintaining that certification

Diversity & Inclusion Nomura is an equal opportunity employer. We value diversity and are committed to ensuring we best reflect the diversity of the communities we serve creating an inclusive environment for all our employees. We welcome all applications and do not discriminateon the basis of age, disability, gender identity and gender expression, pregnancy and maternity, marriage and civil partnership, race, religion or belief, sex or sexual orientation.If you require any assistance or reasonable adjustments due to a disability or long-term health condition, please do not hesitate to contact us.