Head of Group cyber & Technology Risk Management – Global Financial Institute


  • Drive the development of policies, controls, standards and procedures that incorporate all applicable legislative requirements, industry standards and best practices. Consult on the implementation where necessary
  • Monitor information security trends and changes in the threat landscape. Keep senior management and relevant stakeholders informed. Propose projects/changes activities to address control gaps
  • Deliver compliance and governance reporting, including developing and maintaining key risk and performance indicators
  • Work with senior stakeholders to maintain an information security management system (ISMS) and develop an information security strategy
  • Drive alignment, integration and consistency of security management across the Group. Identify and escalate significant variances
  • Support the delivery of security risk assessments and 2nd line compliance assurance programmes. Manage security risk register/enterprise security risk profile
  • Support the resolution of cyber security audit actions
  • Support investigation of security breaches and pursue associated forensic analysis, disciplinary and legal matters
  • Support security governance committee meetings. Prepare management reports, consultative papers and presentation materials
  • Liaise with key stakeholders in information technology regarding information security initiatives
  • Provide guidance, awareness training and advocacy of information security and data privacy across the group
  • Develop relationships with industry partners, law enforcement, regulators and other related government agencies


  • An intelligent, articulate, consensus building, persuasive individual with highly effective communication skills for delivering information security/data privacy messages to a broad range of technical and non-technical audiences
  • University degree in business, technology, information security, computer science or related fields of study
  • Over 14 years security experience in which at least 6 years Senior Management experience or above gained from multinational financial institutions or consulting organizations
  • Project management experience and literate in IT risk management, IT risk auditing and/or compliance
  • Strong knowledge in IT environment and security related controls from both a tactical and strategic viewpoint
  • CISSP or other security certification/accreditation preferable
  • Knowledge of regulatory developments and supervisory practices
  • Knowledge of NIST Cyber Security Framework (CSF) and/or Identity & Access Management (IAM) technologies and processes advantageous but essential

Leave a Reply