This vacancy is now closed

Cyber Security Manager - City of London

IT/Information/Cyber Security
Ref: 47
Date Posted: Thursday 06 Jun 2019
Company: Financial
Location: City of London
Reports to: Regional Chief Information Security Officer
This is a fixed term full-time contract initially for one year but with the possibility of extension or transfer to a permanent role.

The Role

Reporting to the Regional Chief Information Security Officer (‘CISO’), the Cyber Security Manager (‘CSM’) will be responsible for the development and delivery of cyber resilience and cyber security risk management in London and to locations across Europe.
Key activities and key competencies:
Within parameters agreed with the Regional CISO, to design and deliver cyber resilience, thus achieving acceptable levels of risk management within the FCA ‘systems and controls’ regime. Building on existing cyber resilience activities, to deliver:
  • Management of infrastructure cyber risk, including mapping of potential threats, risk analysis, risk mitigation and management reporting
  • Identification and assessment of non-technical cyber threat vectors, including outsourcing, supply chain, physical security and employee management. Working with internal and external stakeholders, the implementation of internal SLAs and KPIs to minimise and report risk.
  • The design and delivery of a local cyber incident management process, aligning with Group standards and FCA requirements
  • Assessment of the cyber resilience maturity within the London branch at both management and business levels, to include cyber ‘desktop’ testing.
  • The design and delivery of cyber contingency planning at management and business levels, based on lessons learned from cyber tests, the business environment and local risk appetite.
  • User awareness training matching London’s requirements
  • Full documentation of cyber resilience activities and design of appropriate management reporting structures.
As each stage of the project is delivered, the CSM will design and implement ‘business as usual’ risk controls to ensure continued compliance with its requirements. The CSM will also adapt the outcomes of the cyber project to provide appropriate risk reporting to other European locations.
The CSM will be an experienced information and cyber professional, with a demonstrable track record in designing and delivering similar projects within the sector. They will have worked at CISO or equivalent level and have a clear ability to deal with senior business management, internal audit and regulators.
They must be able to reconcile technical cyber risks with operational risk management, developing the understanding of senior business leaders.