The candidate will join one of the largest banking institutions in the world.
ABOUT THE PROJECT
The team is responsible for enabling businesses and functions to manage their information security risks as well as ensuring risk and controls are assessed and implemented appropriately, objectively and independently through professional and specialized subject matter experts. The Remediation Manager is an internal-facing role with specific responsibilities to support the Remediation function lead in the day to day activities, ensure oversight of the cybersecurity control environment globally, raise testing issues and perform related remediation activities. The Remediation team predominantly enables the timely closure of issues and mitigation of risk by proactively monitoring and establishing governance over remediation activities internally within the Cybersecurity functions and externally with the GB/GF/Regional IT and business teams.
- Collaborate with all internal and external customers through established governance channels to drive remediation of gaps and their tracking to closure. This includes implementing and maintaining an effective working relationship with key stakeholders internally and externally.
- Coordinate the remediation activities required for all security driven risks across all the customers (i.e. DBS, Cybersecurity function, global businesses, global functions and regions).
- Define processes and develop reports that enable tracking and allow oversight of all IT Security Audit issues and Management Self-Identified Issues (MSIIs). Work closely with the Delivery Support capability within each Cybersecurity function, to ensure closure of audit issues within agreed target dates.
- Proactively track the gaps identified during Security Assessments, Third Party Security Reviews and other security testing activities completed by Cybersecurity functions and provide reports that support established governance to drive remediation of gaps and their tracking to closure.
- Maintain and document remediation plans, metrics and reports that support the team in tracking the closure of all Cybersecurity owned issues (audits, MSIIs).
- Ownership and management of escalations if remediation activities are not complete on time.
- Working closely with Metrics and Reporting team within Cybersecurity to establish effective security testing metrics to support governance and reporting requirements of the business.
- Providing guidance on the Remediation framework as required.
- Support the functional lead in developing, managing and maintaining a highly skilled, efficient and effective Remediation team that focusses on defining, managing and continuously improving the core processes and activities for remediation. Support read-across and trend analysis of issues by analysing data.
- Embedding a culture of individual self-improvement, development and self-directed learning, whereby staff are expected to maintain subject matter expertise within their area of focus and more broadly within the realm of cybersecurity.
- Mentoring / Coaching / Guidance for junior team members.
SKILLS & EXPERIENCE WE REQUIRE
- Minimum bachelor’s degree and/or experience in IT security governance and operational processes, preferably in the Financial Services industry or global corporate service provider
- Good understanding of Cybersecurity risk and control framework and familiarity with Information Security standards, policies and key cyber regulations. Experience in dealing with regulatory requirements and other risk and compliance matters.
- Background – experience in Risk and Compliance Management, Vulnerability Management, Security Testing, etc.
- Positive and professional attitude, team player, flexible and adaptable.
- Confident and takes responsibility and ownership for work and personal development.
- Ability to produce clear, concise reports and insights from data for targeted audiences including senior management.
- Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English).
- Ability to build strong relationships and communicate on complex issues with a wide spectrum of stakeholders.
- Previous experience of delivering an excellent customer service
OPTIONAL/NICE TO HAVE
- Qualifications – one or more industry-recognised and cybersecurity-related certifications including CISA, CRISC, CISM, CISSP, CGEIT. This is preferred however not essential.
OUR CLIENT OFFERS
- Stable job in professional team,
- Interesting path of career in an international organization,
- Consistent scope of responsibilities,
- Private health care, employees’ benefits