Specialist, Cyber Risk Strategic Analysis, Group Cyber & Technology Risk, Group Risk

Job Description:

• Lead the group in identifying emerging cyber risks that require attention from business functions to protect customer's wealth and data
• Monitor cyber threat landscape through internal and external sources to track emerging technology and cyber threats for the group's attention.
• Identify and propose potential treatment plans for emerging cyber risks of concern for adoption by the relevant business function
• Develop and maintain (i.e. ownership of) relevant cyber risk frameworks, policies and procedures while supporting Group Risk frameworks, policies and procedures from a cyber risk perspective
• Establish channels to collect, verify and report on cyber risk metrics for consolidation and presentation to the relevant risk governance forums
• Lead or support cyber risk initiatives as part of key control testing or operational improvements such as but not limited to Intelligence Led Penetration Testing, Bug Bounty, eGRC tooling, etc.
• Support technology and cyber incidents through advisory, independent assessments and post mortem reviews

Job Requirements:

• Bachelor's degree related to Information Technology, Cybersecurity or Risk Management
• CRISC, CISSP, CISM, CISA or equivalent certifications preferred
• Cybersecurity Framework Application
• Cybersecurity Management
• Risk Management and Compliance as default