Cyber Delivery Assurance Lead

The role: Cyber Delivery Assurance Lead
Join our team as a Cyber Delivery Assurance Lead, where you'll play a pivotal role reporting to the Head of Cyber Delivery Assurance. Collaborating closely with Digital Delivery leadership and teams, the Cyber Team, and the Cyber Security Office, you'll oversee multiple domains or tribes, ensuring effective assurance processes and embedding security within our operations.

What you'll do:
•Provide assurance to the Head of Cyber Delivery Assurance that product delivery and maintenance meet the company's risk appetite and that controls are operating effectively.
•Successfully embedding security by design with proportionate appropriate cyber controls aligned to risk.
•Senior stakeholder management (negotiation and influencing) across multinational organisations, including third-party suppliers and delivery partners.
•Take full responsibility for the secure delivery of programmes, by assisting the product team by interpreting and embedding Cyber Security policies, standards, guidelines and procedures into an agreed framework against all product team deliverables.
•Engage proactively with the Cyber Security Office (CSO) project assurance and architecture functions, ensuring consistency and best cyber practice are adhered to.
•Provide authoritative advice and guidance on the application and operation of all types of security controls, including legislative or regulatory requirements.
•Advise users on risk management and reduction and promote awareness in conjunction with cyber awareness programmes

What you'll bring:
•Ability to undertake threat and risk assessments across varied technology stacks, identifying suitable mitigating controls.
Demonstrates clear leadership and an ability to communicate, influence and persuade across the organisation at senior levels, leading by example and aligning stakeholder groups around a common vision.
•Initiates and manages change to help secure the future direction of the company.
•Prioritisation across multiple products, based on overall product team structure and delivery strategy.
•Strong ability to work under pressure in a changing environment. Key enablers Enabling company to embed security by design. Supporting active risk management. Key performance indicators

Your experience:
•Broad technical knowledge of cyber security controls is demonstrated by the attainment of appropriate qualifications, e.g. CISSP, ISO27001 Lead Implementor or relevant SANS GIAC or equivalent
•Knowledge of the NIST framework, PCI DSS, GDPR and NIS as well as NCSC cyber guidance.
•Experience working in an agile delivery environment would be highly advantageous.
•Specific cyber knowledge and demonstrable experience in at least one of the following areas: Cloud security, network security, digital security (multi-platform), infrastructure security, security by design, security architecture
•Experience working in a regulated environment with specific cyber requirements that require interpretation and application.

#4665914 - Nasar Ali