£85,000 - £90,000 per annum + Competitive Package
City of London
Resource Solutions ReJoin
07 July 2022
The role of the Manager, Cyber Security, is to provide Cyber Security services globally, with a specific focus on London.
This role performs the following key activities:
• Participate in the development, provisioning and successful execution of the Cyber Security programme for the Bank to meet the Firm’s policies and standards;
• Serve as a facilitator and liaison between the business lines and the technology teams that support them for the successful mitigation of information security risks;
• Deliver a robust and fit for purpose security operations function and manage any relevant suppliers who support this function;
• Manage and support a range of independent security reviews on technology projects, suppliers and end user computing, primarily in London.
Participate in the development, provisioning and successful execution of a Cyber Security programme for the Bank to meet the Firm’s policies and standards:
• Lead in the definition and design of cyber security solutions to ensure applications, infrastructure and networks are secure and deliver the Firm’s objectives;
• Work with Infrastructure, Application delivery, operational risk, compliance, audit and legal counsel to understand corporate requirements related to security and regulatory compliance, and map those requirements to current security capabilities;
• Recommend process improvements and ensure compliance and adherence to the Firm’s security policies and contribute to the development of relevant standards to meet these policies;
• Assist in the implementation of an IT risk, Cyber Security and Operational Risk management framework including but not limited to reviewing and managing risk assessments, risk appetite statements and risk registers;
• Coordinate security controls design, testing, implementation support and compliance monitoring across IT;
• Identify metrics and produce risk reports for stakeholders notifying them of key risks, incidents progress and status.
Serve as a facilitator and liaison between the business lines and the technology teams that support them for the successful mitigation of information security risks:
• Ensure effective communication to all key stakeholders in order to sustain relationships between business and Cyber Security;
• Initiate, facilitate, and promote activities to create IT risk and security awareness, including awareness of information security technologies and related regulatory issues that have a potential impact to the environment; and
• Participate in industry education and networking events, maintain relationships with the external technology risk community and encourage continuous benchmarking of the Bank's information security against leading technologies and practices.
Deliver a robust and fit for purpose security operations function and manage any relevant suppliers who support this function:
• Lead the initiatives to strengthen the Bank’s security operations, including threat intelligence, vulnerability management, security controls monitoring, IT security incident handling, SIEM roadmap, improvements to Cyber Security reporting, and other routine security activities;
• Work with our third party security partners and vendors;
• Actively manage local responses to security incidents and the investigation of security breaches in line with company policy and group teams;
• Deploy measures, systems and processes to prevent the loss or theft of the Bank’s intellectual property;
• Establish and maintain a series of operational controls to ensure the correct level of independent oversight covering: use of privileged accounts, end user computing;
• Analyse and categorise IT and security risks identified across all sources / processes including but not limited to system breaches and unauthorised access; and
• Maintain relevant metrics to facilitate reporting and decision making.
Manage and support a range of independent security reviews on technology projects, suppliers and end user computing, primarily in London:
• Ensure that security controls are appropriately designed into new IT systems by participating in project design reviews; thus ensuring that changed and existing systems remain in accordance with the Information Security Policies, Standards and Procedures;
• Perform security due diligence on vendors in line with our procurement due diligence processes;
• Track and manage remediation efforts of identified risks and vulnerabilities; and
• Coordinate the periodic penetration testing across our environment and in response to key changes to our systems and processes.