Insider Technology Risk Program Lead (2032/19) - London

£100,000 - £130,000 - IT/Information/Cyber Security
Ref: 25 Date Posted: Thursday 13 Sep 2018
LinkedIn ShareShare
Company:         Financial
Location:          City of London
Reports to:       Global Head of ICT Risk Intelligence 
Salary:             £100,000 - £130,000
Benefits:          Very generous
No. Required: 1
Start Date:      ASAP

The Role

Department Overview:
The Information and Communications Technology Risk department is part of the Group Risk Functions. It is a part of the 2nd line of defence under the Bank’s Chief Cyber & Technology Risk Officer. The department has responsibility for identification of key technology risks to the Bank and influencing business and technology partners to take sound risk management decisions. This is achieved by delivering:  
- Application & Infrastructure Risk Assessments working with the Business and Technology teams to identify security issues in existing and new systems and agree corresponding actions to mitigate or accept risks
- Tracking issues and agreed actions to completion
- Horizontal and Vertical Risk Assessments 
– Assessing technology risks in relation to a particular theme or technology across the third-party suppliers.
- Assessing risks to a product, service, technology or infrastructure. For instance, we may complete a vertical assessment on our remote working solution (including Infrastructure, applications, data, threats etc.) or our Internet connectivity
- Partnership to the Business and Technology teams in helping them understand their technology risk profile and influencing their risk management decisions.
Role Overview
The Insider Technology Risk Program Lead is responsible for the strategic planning, development and oversight of Insider Technology Risk program. As the lead, this individual will be expected to develop / enhance policies, standards, procedures and technology with the goal of predicting, detecting and responding to insider threats while also addressing various components of malicious technical activity originating from misuse of authorized access to systems or data.
This role requires working closely with key Business and IT Stakeholders, Compliance and RISK groups, Human Resources and Legal to develop a mature enterprise wide program.
Principal Responsibilities
• Operational management of an enterprise insider technology risk program – build, manage, recruit, document, and maintain a vibrant and dynamic program responsive to changing threats.
• Evaluation and review information security policies and standards in order to establish a foundation for appropriately managing systems and insider technology risk.
• Active and professional engagement of business partners in conversations that drive insider technology risk informed decisions.
• Lead highly sensitive, complex and confidential high-tech insider technology risk investigations into incidents. These might include data loss / intellectual property theft, technology misuse and conflict of interest.
• Oversight of forensic preservation of electronically stored information and data analysis in support of insider technology risk cases and other corporate matters as required
• Conduct and memorialize investigative interviews and generate investigative summary reports outlining the investigation process and results.
• Establishment and oversight of the tools, processes, and operations of user behaviour analytics as well as the investigation team’s portion of an enterprise insider technology risk program.
• Conduct risk-based analysis of users and groups across entire enterprise; develop investigative action plans based on findings.
• Assurance that the program meets the requirements of our global regulatory agencies and company supported frameworks.
• Development of the program to ensure historical events and incidents are available and used to identify trends and methods of data loss.
• Work closely with our Security Awareness team to promote a culture of insider risk awareness within the organization.
Required Knowledge/Skills
• Minimum 7 years professional experience, including at least three years of insider technology risk program experience and two years involving financial services investigations or relevant insider technology risk, investigative or counter intelligence experience.
• History of independently leading investigations with minimal supervision.
• Experience performing security event and incident detection and handling in a large corporate environment, gathering and analysis of threat intelligence, computer network surveillance/monitoring.
• Strong background in performing insider technology risk analysis.
• Experience in IT cyber threat management, vulnerability testing, data security, security management reports and metrics.
• Aptitude for understanding internal organizational environments, their relationship to the external business environment and associated insider risks.
• Ability to develop a full and deep understanding of the cyber security program as well as business operations.
• Developed understanding of how business initiatives create value and risk for organizations.
Strong ability to convey complex information risk and security issues in a manner that is easily understood and actionable and constructively challenges prevailing thoughts and processes.
• Able to consistently, effectively defend approaches and solutions.
Demonstrates an ability to construct, challenge, and manage choices.
• Able to effectively analyse risk within the context of business problems.
• Excellent analytical and problem-solving skills.
• Clear and concise written and verbal communication skills.
• Strong technical writing skills, with emphasis on policy/process development.
• Strong familiarity with cyber security technology and trends.
• Strong written and verbal communication skills with both technical and non-technical audiences.
• Self-starter with great personal initiative and the ability to work autonomously.
-       Experience with Behavioural Analytics solutions
-       Operation and deployment of weak signal detection platforms.
Required Education, Training &/or Certification
• Bachelor's degree; Master's degree a plus.
• Industry-accepted certifications a plus (EnCE, CCE, GCFE, GCFA, GCIH, GREM, CFCE, CISSP, etc.)