Security Business Partner London

NatWest Group

Security Business Partner

Key Responsibilities

  • Apply effective risk management and decision-making capability, anticipating and assessing the potential impacts of risk associated with information and cyber security across relevant business areas.
  • Ensure evaluation, management, and mitigation of the impacts of strategic information and cyber security initiatives on the operational risk and control profile.
  • Support and engage with specialist Security stakeholders (second and third lines of defence, etc.).
  • Provide support on framework execution as an information and cyber security expert (risk and controls assessments, control design, testing, policy compliance).
  • Lead informed discussions of information and cyber security risk for relevant business areas and products.
  • Create a culture of continuous improvement, increasing efficiency and productivity through people leadership, coaching, and skill development.
  • Manage stakeholder relationships with Security and support them with managing their risk and control profile.
  • Provide an aggregated view of the control environment for relevant information and cyber security business areas.
  • Support relevant technology and digital business area in interactions with second and third lines of defence on risk and audit engagements.
  • Manage the completion of risk and control assessments in line with the risk framework for Security.
  • Produce and review risk committee packs relating to information and cyber security, including relevant MI and assessing the aggregated risk profile.
  • Support Security in interactions with second and third lines of defence on risk and audit engagements.

Skills and Expertise

  • Extensive understanding of relevant businesses, key products, and information and cyber security risks.
  • Knowledge of risks and controls associated with information and cyber security, including industry frameworks (NIST, ISF SOGP, MITRE, COBIT, CRISC, etc.).
  • Knowledge of risks associated with technology outsourcing.
  • Breadth of demonstrable knowledge across all cyber and information security domains (privileged access management, security operations, vulnerability management, governance).
  • Proven ability to deliver high quality outcomes and experience of applying information and cyber security risk and control assessments in an operational and strategic context.
  • Comprehensive experience in information and cyber security risk management and audit or control frameworks.
  • Experience of working in a fast-paced information and cyber security risk or audit environment where priorities shift rapidly.
  • Strong senior stakeholder management skills.

To apply for this job please visit jobs.natwestgroup.com.

Posting date:
30 November 2024
Hours:
Full time
Closing date:
30 December 2024
Location:
London, EC2M 4AA
Company:
NatWest Group
Job type:
Permanent
Job reference:
R-00243971-OTHLOC-GBR-5FLON311