Information Security Programme Manager
Salary £75000 - £90000 per annum
Consultant Darius Goodarzi
Date posted 31 August 2016
A Global Investment Bank in London is looking for an Information Security Programme Manager to join their growing team.
About the Senior Information Security Programme Role:
In the business-critical Senior Information Security Programme role you will initially lead and manage the remediation delivery of a major control issue relating to information risk across all areas of the firm. You will also provide leadership for operational management, including oversight and, when required, hands-on delivery of the preparation and transmission of communications, MI, reports and financial/resource status reporting to strict deadlines.
You must be capable of performing in many of the Group-level information and Cyber specific processes and at any one time will be assigned to leading, managing or supporting multiple activities as follows:
- Support leadership to build, operationalise and integrate the new team within the wider CRCC function
- Lead and manage the construction and delivery of a plan of remediation actions with identified deliverables, milestones, funding, resources and stakeholders
- Ensure that management information and reports are implemented with approved solutions for reporting media and target recipients identified
- Lead a calendar of committed delivery and available resources, including mechanisms for ensuring that threats are proactively identified
- Interface/negotiate with peer and senior stakeholders
- Support Leadership to ensure the objectives of the Global Information Security Strategy and Policy are met, and that our high performance culture is maintained
- Lead engagement with all risk and audit stakeholders to ensure that all audit Issues are clearly identified
- Lead and be responsible for projects/programmes of remediation for identified risk and control Issues
- From identified Issues/Audits, design the remediation Controls required and implement a programme of work
- Lead and Manage definition of project/programme requirements and associated funding and resource requirements
- Prepare and support Business Cases and Medium Term Planning
- Lead senior stakeholder engagement and influence accordingly the risk community and audit functions
- When required, deputise for the Head of Major Change Programmes and Head of Information and Cyber Risk Management
- Evidenced and extensive experience in Risk and Control environments within Enterprise Risk Management Frameworks (or similar) in large, matrix organisations
- Experience of supporting implementation of (or remediation of) Policies and Standards with associated specific measures such as Key Risk Measures/Key Performance Indicators
- Experience of interface with risk and audit functions
- Evidenced experience in technology/operational project delivery, preferably with appropriate qualifications
- PMO/Project management of delivery tasks and plans
- Business Reporting Skills: Advanced level of reporting skills including ability to produce highest quality outputs independently to strict deadlines and without rework
- Highest standards of literacy and numeracy, preferably with structured problem solving techniques
Your qualifications should include:
- CISSP (required) CISA, CISSP may be considered
- Enterprise Risk Management Frameworks
- PRINCE2
And ideally include:
- Software development lifecycle (e.g. SDLC), experience of Agile/LEAN techniques, ITIL.
- Structured problem solving/Six Sigma (advantageous)
- SQL or similar structured query reporting languages (advantageous)
The role provides an excellent dual opportunity for those looking to advance their career in information and cyber risk management whilst simultaneously improving management of delivery within a technology and operational environment. The role requires a highly organised, disciplined, flexible and resilient individual.
If you are interested please apply now or call me on 0207 509 8040 to find out more.