Information Security Architect

As a member of the Chief Information Security Officer’s (CISO) team, provide leadership and subject matter expertise on matters concerning Privacy and Information Security Architecture.
Act as the key liaison point with IT functions.
Implement and oversee information security procedures, standards and processes across the business.

Professional qualifications or essential experience required:

• Educated to degree level or equivalent
• CISSP, CISM, or equivalent
• Demonstrable experience of Information Security Architecture within the financial services sector
• Experience of PCI-DSS

Duties and responsibilities

• Provide advice and guidance to the IT function on information security aspects of systems and infrastructure design and architecture.
• Act as subject matter expert in the selection and design of IT security controls.
• Ensure industry best practices are applied to the design and operation of information security monitoring, analysis and reporting to ensure that we meet and exceed our critical compliance requirements.
• Provide advice on information security issues related to the systems and processes at CBS to ensure the internal security controls for the Society are appropriate and operating as intended.
• Develop, publish and implement Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
• Assist in the removal of all security vulnerabilities from CBS systems and infrastructure.
• Work with third parties in understanding threats and vulnerabilities as they could apply to CBS systems and infrastructure.
• Conduct security research to keep abreast of the latest security issues.
• Actively participate in the wider external information security community, such as CiSP, Payments Council, BSA, etc.
• Provide subject matter expertise to CBS colleagues and projects.
• Deputise for CISO, where appropriate.

Resource Management

• Organises, plans and monitors own time on a day-to-day basis, considering the impact on the wider team and business.
• Anticipates competing commitments and resource constraints and escalates appropriately.
• Monitors targets and elapsed time.

Relationship Management

• Establish and maintain relationships with peers across the wider financial services sector to share knowledge and best practices.
• Where appropriate, recommends process improvements.

Business Knowledge

• Maintains an up-to-date knowledge of CBS systems, processes and strategy and how this fits within the Financial Services marketplace.
• Keeps up to date with changes in the information security marketplace (threats, regulation, etc.) which impact on business areas, and factors these into internal monitoring and reporting.

Personal Conduct and Development

• Takes responsibility for personal development, seeking help and support where necessary.
• Adopts a positive and proactive approach with colleagues, showing enthusiasm for the Society’s mission and values.
• Is courteous and maintains integrity and professionalism when working with the business and team members.
• Maintains composure during difficult situations.
