Head of Cyber Risk

Posted 3 days ago by Barclay Simpson Recruitment

Negotiable
Outside
Hybrid
Hybrid - WFH/London 1 day a week, UK

Summary: Head of Cyber Risk is required for a global financial services firm to lead efforts in identifying, assessing, and mitigating cyber-related risks. The role involves developing a comprehensive cyber risk framework and collaborating with various departments to ensure a robust cyber risk posture. This position is more hands-on rather than purely managerial, focusing on strategic leadership and operational risk management. The candidate will also be responsible for compliance with relevant laws and frameworks while building a high-performing cyber risk team.

Key Responsibilities:

  • Develop and own the enterprise-wide cyber risk management strategy and roadmap.
  • Advise senior leadership and the board on emerging cyber risks, threats, and regulatory requirements.
  • Represent the cyber risk function in risk committees, regulatory meetings, and board-level discussions.
  • Design and maintain a cyber risk management framework that aligns with industry standards (e.g., NIST, ISO 27005, FAIR).
  • Define and monitor key cyber risk indicators (KRIs) and risk appetite metrics.
  • Oversee regular cyber risk assessments, scenario planning, and risk reporting.
  • Collaborate with cybersecurity, IT, and business units to identify and remediate cyber risk exposures.
  • Ensure appropriate controls, policies, and procedures are in place and tested.
  • Lead cyber risk input into third-party risk, data privacy, and cloud governance programs.
  • Ensure compliance with relevant laws and frameworks (e.g., GDPR, DORA, NIS2, SOX, PCI DSS).
  • Prepare and support audits, risk assessments, and regulatory reviews.
  • Build and lead a high-performing cyber risk team.
  • Drive a risk-aware culture through training, awareness, and engagement across the organization.

Qualifications & Experience:

  • Experience in cybersecurity, risk management, or IT governance, with strong experience in a leadership role for a global financial organization.
  • Strong understanding of cybersecurity frameworks, threat intelligence, and digital risk management.
  • Degree in Information Security, Risk Management, Computer Science, or a related field. Professional certifications such as CISSP, CISM, CRISC, or equivalent are highly desirable.

Key Skills:

  • Experience in cybersecurity, risk management, or IT governance.
  • Strong leadership experience in a global financial organization.
  • Understanding of cybersecurity frameworks and threat intelligence.
  • Degree in Information Security, Risk Management, Computer Science, or related field.
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent.

Salary (Rate): undetermined

City: London

Country: UK

Working Arrangements: hybrid

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Head of Cyber Risk required for global financial services firm. You will lead the organization's efforts to identify, assess, and mitigate cyber-related risks across the enterprise. This role is responsible for developing and implementing a comprehensive cyber risk framework, aligning with business goals, regulatory expectations, and evolving threat landscapes. You will collaborate closely with IT, compliance, security, and executive leadership to ensure a strong cyber risk posture and informed decision-making. This is more hands-on as opposed to managerial.

Key Responsibilities:

  • Strategic Leadership:

    • Develop and own the enterprise-wide cyber risk management strategy and roadmap.

    • Advise senior leadership and the board on emerging cyber risks, threats, and regulatory requirements.

    • Represent the cyber risk function in risk committees, regulatory meetings, and board-level discussions.

  • Risk Framework & Governance:

    • Design and maintain a cyber risk management framework that aligns with industry standards (e.g., NIST, ISO 27005, FAIR).

    • Define and monitor key cyber risk indicators (KRIs) and risk appetite metrics.

    • Oversee regular cyber risk assessments, scenario planning, and risk reporting.

  • Operational Risk Management:

    • Collaborate with cybersecurity, IT, and business units to identify and remediate cyber risk exposures.

    • Ensure appropriate controls, policies, and procedures are in place and tested.

    • Lead cyber risk input into third-party risk, data privacy, and cloud governance programs.

  • Regulatory & Compliance:

    • Ensure compliance with relevant laws and frameworks (e.g., GDPR, DORA, NIS2, SOX, PCI DSS).

    • Prepare and support audits, risk assessments, and regulatory reviews.

  • Team & Culture Building:

    • Build and lead a high-performing cyber risk team.

    • Drive a risk-aware culture through training, awareness, and engagement across the organization.

  • Qualifications & Experience:

    • Experience in cybersecurity, risk management, or IT governance, with strong experience in a leadership role for a global financial organization.

    • Strong understanding of cybersecurity frameworks, threat intelligence, and digital risk management.

    • Degree in Information Security, Risk Management, Computer Science, or a related field. Professional certifications such as CISSP, CISM, CRISC, or equivalent are highly desirable.