NatWest Group
Security Risk Manager
Key Responsibilities
- Defining and managing Security policy, risk governance, policy assurance, and awareness with the domain lead.
- Leading the management of security risk across the Group and building networks with other risk teams, and closely working with second and third lines of defence.
- Using risk and security expertise to create a well-evidenced security environment.
- Leading a team of domain specialists.
- Staying abreast of industry good practice and changing regulations, capturing and explaining requirements in risk standards.
- Working with Security teams across the group and all three lines of defence to promote high security standards.
- Preparing and communicating complex Security principles to expert and non-expert audiences.
- Enabling a culture of continuous improvement and collaboration, focusing on automation, embedding, and robustly measuring controls.
- Ensuring decisions are based on robust data, return on investment, and value measures to demonstrate thoughtful and intelligent cost management.
- Encouraging the identification of ideas and driving the delivery of initiatives to reduce costs and simplify the bank.
- Building and leveraging relationships with colleagues to ensure commercially focused decisions creating long-term value.
- Agreeing and delivering the security awareness strategy.
Skills and Expertise
- Experience of leading or delivering security consultancy.
- Excellent problem-solving and technical skills to create secure solutions for customers.
- Relevant security qualification (e.g., CISSP or equivalent).
- Ability to lead teams of specialists, ensuring process consistency across multiple teams.
- Experience creating MI demonstrating process value and efficiency, recommending improvements.
- Experience in developing information security controls.
- Ability to communicate technical issues clearly and concisely to senior stakeholders.
- Knowledge of security good practices and risk frameworks.