Negotiable
Inside
Hybrid
Glasgow, Scotland, United Kingdom
Summary: The Cyber Control Lead role involves owning and driving the controls testing plan to ensure the bank's safety through continuous testing programs. The position requires leading the development of automation and continuous control monitoring while coaching security control analysts. Additionally, the role emphasizes raising awareness of cyber risks and collaborating with various teams to ensure regulatory compliance. Expert knowledge of cybersecurity governance frameworks and risk management principles is essential for success in this position.
Key Responsibilities:
- Own the controls testing plan and drive delivery of a continuous testing programme to support TOCs Strategic objectives to keep the bank safe
- Lead the development of automation and continuous control monitoring to foster a data-led controls assessment strategy
- Lead and coach security control analysts to deliver the testing and remediation plan
- Raise awareness of cyber risks and control best practices among employees at all levels of the organisation
- Work closely with the Risk, Compliance and Regulatory teams to ensure regulatory compliance, including technical control compliance
- Provide advice and support risk management responses, including risk and audit requests, regulatory requirement assessments and third-party security control capability requests
Key Skills:
- Expert knowledge of cyber security governance frameworks, policies, and procedures such as NIST, COBIT, CIS Controls
- Understanding of cybersecurity risk management principles and practices
- Awareness of emerging cybersecurity trends, threats, and technologies
- Knowledge of security technologies, tools, and solutions used in cybersecurity programs (bonus)
- Understanding of regulatory requirements and industry standards relevant to cybersecurity (bonus)
- CISSP certified (bonus)
Salary (Rate): undetermined
City: Glasgow
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Role: Cyber Control Lead
Location: Glasgow (can be remote)
Inside IR35 role
JD
What you'll be doing
- Own the controls testing plan and drive delivery of a continuous testing programme to support TOCs Strategic objectives to keep the bank safe
- Lead the development of automation and continuous control monitoring to foster a data-led controls assessment strategy
- Lead and coach security control analysts to deliver the testing and remediation plan
- Raise awareness of cyber risks and control best practices among employees at all levels of the organisation to further embed a good security control mindset.
- Work closely with the Risk, Compliance and Regulatory teams to ensure regulatory compliance, including technical control compliance
- Provide advice and support risk management responses, including risk and audit requests, regulatory requirement assessments and third-party security control capability requests.
We need you to have
- Expert knowledge of cyber security governance frameworks, policies, and procedures such as NIST, COBIT, CIS (Center for Internet Security) Controls
- Understanding of cybersecurity risk management principles and practices
- Awareness of emerging cybersecurity trends, threats, and technologies
It's a bonus, but not essential, if you have
- Knowledge of security technologies, tools, and solutions used in cybersecurity programs.
- Understanding of regulatory requirements and industry standards relevant to cybersecurity.
- CISSP certified