Information Security Manager – Cyber Security Risk

Risk Frameworks IT Assurance Frameworks Sox IT & Cyber Controls Cryptography Testing

Job Specification

We are currently working with a large retail banking group who are looking for an IT & Cyber Controls Testing lead to join their team and be responsible for effective IT controls testing throughout the groups IT risk frameworks.

In this role, you will be leading multiple teams and be a key contributor in both strategic and operational decision-making. Your responsibilities will include:

• Leading IT Sox, IT & Cyber Controls, Cyber Control, Code of Conduct & Cryptography testing teams
• Assessing IT/Cyber controls and any associated risks in an accurate and transparent way and providing expert knowledge and guidance on controls
• Providing a thorough analysis of MI and controls data and providing inputs into the IT Divisional Risk Committee and other department risk forums and taking ownership of subsequent actions
• Being responsible for planning, executing, monitoring and reporting of associated control testing/assurance activities

You’re background:

• Advanced knowledge of IT/Cyber controls and testing practises within IT and business processes
• Relevant experience in the IT organisation of a financial institution or audit/consulting firm
• Demonstrable experience in designing controls and testing methodologies (e.g. CAAT, sampling)
• Subject matter expert in auditing or testing of at least one of the control frameworks such as Cyber Security or IT SOX Controls
• CISA/CISSP/ITIL/CRISC or equivalent qualification would be beneficial
• Strong understanding of various IT Assurance Frameworks (COBIT, ISO27001, ITIL, NIST etc)
• Strong understanding of regulatory requirements (GDP, BASEL, SOX, FCA etc.) and current and emerging technology trends would be useful