Key Responsibilities

• Defining and managing Security policy, risk governance, policy assurance, and awareness with the domain lead.
• Managing security risk across the Group, building networks with other risk teams and collaborating with second and third lines of defence.
• Using risk and security expertise to create a well-evidenced security environment.
• Leading a team of domain specialists.
• Staying abreast of industry best practices and changing regulations, capturing and explaining requirements in risk standards.
• Working with Security teams across the group and all three lines of defence to promote high security standards.
• Preparing and communicating complex Security principles to expert and non-expert audiences.
• Enabling a culture of continuous improvement, focusing on automation, embedding and robustly measuring controls.
• Ensuring decisions are based on robust data, return on investment and value measures for cost management.
• Encouraging idea identification and driving initiative delivery to reduce costs and simplify the bank.
• Building and leveraging relationships with colleagues to ensure commercially focused decisions and long-term value.
• Agreeing and delivering the security awareness strategy.

Skills and Expertise

• Experience of leading or delivering security consultancy.
• Excellent problem-solving and technical skills to create secure solutions for customers.
• Relevant security qualification (e.g., CISSP or equivalent).
• Ability to lead teams, ensuring process consistency across multiple teams.
• Experience in creating MI to demonstrate process value, efficiency, and recommending improvements.
• Experience in developing information security controls.
• Ability to communicate technical issues clearly and concisely to senior stakeholders.
• Knowledge of security best practices and risk frameworks.