Head of Cyber Threat Exposure (95% remote)

My client, a prestigious Insurance company, based in London, are looking for a Head of Cyber Threat Exposure to join their growing team. This is effectively Head of Vulnerability Management/Pentesting. In this role you will have 20 direct reports and this position is effectively remote (you may need to go into their offices 1/2 per month). Unfortunately this job does NOT offer sponsorship.

About the Head of Cyber Threat Exposure:

The Head of Cyber Threat Exposure reports to the Director of Cyber Defense and plays a crucial role in all aspects of vulnerability management and offensive activities across my client to manage business exposure to cyber threats. The purpose of this role is to provide threat-led cyber security leadership, subject matter expertise, oversight, E2E process design and implementation, and coordination of vulnerability management and offensive security services such as penetration testing, assumed breach testing, attack and social engineering simulations, red and purple teaming across all technology in BGIUK.

The role holder is responsible for leading a team of technical security experts to drive a continuous ecosystem for managing vulnerabilities and offensive security to limit my client's exposure from both strategic and tactical threats. The role holder will work in conjunction with the CISO and Technology Leadership Teams and be responsible for the design, implementation, continuous improvement and evolution of the processes and services for threat-led vulnerability management and offensive security across my client and its Business Units. The role and team will provide comprehensive dashboarding and reporting capabilities leveraging threat intelligence and proactively identify, prioritise, and remediate vulnerabilities and threat exposures in line with applicable policies, directives, controls, standards and SLAs.

Accountabilities and Responsibilities

This role is accountable for:

  • Leading and directing the Cyber Threat Exposure team with responsibility for managing and remediating security-related threats – supporting the Director of Cyber Technology in the definition and implementation of vulnerability management and offensive security strategies and technology roadmap.
  • Developing, implementing, and scheduling a vulnerability management program which includes regular vulnerability scanning, assessment, prioritisation, and remediation activities, with clearly defined management ownership.
  • Developing and maintaining vulnerability management processes, procedures, and tools to ensure timely identification, assessment, and remediation of vulnerabilities. Providing guidance on root cause and managing the full lifecycle of reported vulnerabilities through to closure.
  • Overseeing and coordinating security testing activities (such as penetration testing, assumed breach testing, red and purple teaming) across my client's systems, networks, applications and third parties to identify security weaknesses and exposures. Including overseeing services provided by external providers.
  • Collaborating with the Group CISO function and cross-functional teams across my client including the wider CISO teams, senior technology leadership, technology teams, architecture, cloud, security operations and Group and UK threat intelligence teams to coordinate successful vulnerability remediation efforts and track progress towards resolution.
  • Providing guidance on remediation strategies, security best practices, and risk mitigation measures, ensuring alignment with organisational goals.
  • Leading on the capability to execute attack and social engineering simulations using industry best practice techniques and tools.
  • Preparing and presenting vulnerability assessment reports, security testing results, and recommendations to senior management and other stakeholders, ensuring reports are appropriate for the relevant audience (e.g., technical or senior leadership).
  • Defining performance metrics and continuously monitoring and evaluating the effectiveness of cyber threat exposure management controls and processes and identifying opportunities for improvement.

  • Providing a thoughtful approach to risk management and controls simplification with measurable data driven outcomes ensuring all appropriate exceptions, issue or risk processes are strictly adhered to.

If this role is for you please apply to this job advertisement or call me on 0207 509 8040 to find out more.

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates

Contract Type: FULL_TIME

Specialism: Information Technology

Focus: Information Security

Industry: Banking

Salary: £130,000 - £145,000 per annum

Workplace Type: Remote

Experience Level: Director

Location: London

Job Reference: QDK23C-0DE76655

Date posted: 27 September 2024

Consultant: Darius Goodarzi
