Cyber Security Programme Manager
Programme Manager - Cyber Security - European Retail Bank
A major European retail bank requires an experienced Programme Manager with extensive knowledge and change/transformation experience in the cyber security of retail or commercial banks. This is a great opportunity to enhance the transformation/automation of this major bank's cyber security operations, including network security, software security, end-point security, data protection, access management, vulnerability monitoring, and incident management and response.
The successful candidate will deliver the strategic cyber security roadmap and manage the transition to BAU, in addition to organising the awareness and training programmes related to cyber security. The candidate should be comfortable communicating and dealing with all levels of management and able to positively influence stakeholders to achieve predetermined objectives.
Duties and Responsibilities:
. Organise the cyber security transformation programme at the Group level, involving Technology, IT Security and Business teams.
. Formalise the functional and/or technical specifications for the transformation programme.
. Facilitate the transition from project mode to BAU.
. Manage the coordination of the regulatory communications and on-site inspections (including external and internal audits).
. In close cooperation with the IT Security team, help to develop/improve policies, procedures and the cyber security framework based on the best industry standards and European regulatory requirements.
. Facilitate the interface between Business teams, Technology and IT Security to ensure the right controls are delivering the expected level of coverage against the identified cyber threats.
. At least 10 years of cyber security related experience at a mid/large-size bank.
. Proven experience in leading and managing cyber security change in a banking environment.
. Comprehensive knowledge of the threat landscape, adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types.
. Working knowledge of necessary cyber security policies and relevant European regulatory requirements for financial institutions.
. Experience in designing key operating procedures, programmes and services and establishing best practices in IT Security.
. Experience in dealing with ISO 27001 and PCI-DSS certifications in a banking environment.
. Good knowledge of incident handling and incident response methodologies.
. High-level understanding of enterprise-grade technologies including security devices, network engineering, operating systems, databases and applications, and their security settings and configurations.
. CISSP or an equivalent professional security qualification is a plus.