Information and Cyber Security Policy and Standards

2 weeks ago

London, United Kingdom Willis Towers Watson Full time

We have an opportunity for an experienced information security professional as our new Information and Cyber Security Policy and Standards Lead. You will be responsible for leading the maintenance and development of the WTW Information Security (IS) Policyand supporting standards.
The scope of the role is global, covering both cyber & technology, creating policies that are best of breed not exercises in box ticking.
You will be reporting to Head of Cyber and Technology Risk Management and based in the UK, however the position is predominantly based from home with occassional travel to the office.
**The Role**
This role will lead the maintenance of the IS Policy and Standards:

- Operating the annual and other additional review cycle process for the WTW IS Policy & Standards.
- Lead the design and updates to related operating procedures.
- Identifying and managing changes as well as driving development of new details of the IS Policy and Standards whilst working with standards owners and other SMEs.
- Pro-actively manage all the communication as it pertains to the IS Policy & Standards.
- Ensuring appropriate change management and configuration control of the IS Policies & Standards in place.
- Ensure the clarity and accuracy of the information in the IS Policy and standards.
- Provide decisions on exceptions on basic risk assessment and associating timelines with every exception.
- Document and track all changes request ensuring quality details are capture for all decisions.
- Work with Exception to Policy and Risk management team to ensure transparency of planned changes.
- Proactively work with Control Assurance team to understand alignment.
- Understanding Policy and standards lifecycle processes.
- Understanding of controls frameworks and control lifecycle.
- Work with Regulatory team to understand all regulatory driven change requirements.
- Ensure accurate and clear communication with all stakeholders.
- Provide appropriate MI to all stakeholder levels.

**The Requirements**:

- Knowledge and understanding of Information Security Frameworks and standards (FFIEC, NIST, ISO etc).
- Knowledge and understanding and experience of best practice for Information Security and Cyber policies and standards.
- Ability to work as part of a team or solo.
- Excellent communication skills, especially written English.
- Strong Stakeholder management.
- The ability to foster and grow relationships.
- Experience of working in a live operational environment with an understanding of the impact of policy adherence is desirable.
- Experience of working with GRC toolset.
Qualifications:

- Educated to degree level or equivalent.
- Substantial experience in an information security role.
- Experience of working within a global financial institution.
Behaviors:

- Resourcefulness and organizational agility.
- Team player with good interpersonal and influencing skills.
- Conflict management resolution (options and impact analysis).
- Customer focused with integrity and able to establish trust with stakeholders.
- Personal learning & development.

  • Information Security Consultant

    2 days ago

    London, United Kingdom Bulletproof (Cyber Security) Full time

    WorkNest Cyber LTD (formally known as Bulletproof Cyber), is looking for an ISO27001 subject matter expert with experience of delivering consultancy around all the topic, including gap analysis, audits, implementations projects and ad hoc Information Security queries, to a wide variety of customers.You should have an excellent understanding of ISO27001 with...

  • Information Security Manager

    2 weeks ago

    London, Greater London, United Kingdom Policy Expert Full time £60,000 - £100,000 per year

    Policy Expert – Information Security Manager Are you ready to transform the insurance industry? Policy Expert is a forward-thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience. Having achieved rapid growth since being founded in 2011, we've won over...

  • Information Security Manager

    5 days ago

    City Of London, United Kingdom Policy Expert Full time

    Policy Expert – Information Security Manager 🚀Are you ready to transform the insurance industry? Policy Expert is a forward-thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience. Having achieved rapid growth since being founded in 2011, we’ve won over...

  • Information Security Manager

    2 weeks ago

    London, Greater London, United Kingdom Policy Expert Full time £60,000 - £100,000 per year

    Policy Expert – Information Security Manager Are you ready to transform the insurance industry? Policy Expert is a forward-thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience. Having achieved rapid growth since being founded in 2011, we've won over...

  • Information Security Analyst

    3 days ago

    London, United Kingdom Cyber UK Full time

    OverviewInformation Security Analyst. We are searching for an experienced Information Security Analyst. Make an Impact at RSM UK. The Information Security GRC (Governance, Risk, and Compliance) Analyst will be responsible for developing, implementing, and maintaining a robust information security governance, risk management, and compliance program. This role...

  • Cyber Security Program Manager

    2 weeks ago

    City Of London, United Kingdom Cyber Security training courses Full time

    Cyber Security Program Manager I am working with an organisation that is embarking on a major cyber security transformation and looking to bring on a Cyber Security Program Manager to lead a multi-year, enterprise-wide uplift program. This is a strategic role where you'll work closely with senior stakeholders and an external delivery partner to enhance cyber...

  • Information/cyber Security Manager

    23 hours ago

    London, United Kingdom Latcom Plc Full time

    Job Responsibilities - The role of the Information Security Manager/Cyber Security Manager, will be defining, implementing and refining approaches to Information Security, undertaking risk assessments and reporting results and offer guidance to the technical teams and businessstakeholders alike - Managing a team of 3 people - Conduct ongoing security threat,...

  • Cyber Security Engineer

    3 days ago

    City Of London, United Kingdom Policy Expert Full time

    Policy Expert - Cyber Security Engineer Are you ready to transform the insurance industry? Policy Expert is a forward-thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience. Having achieved rapid growth since being founded in 2011, we've won over 1.5 million...

  • Cyber Security Engineer

    2 weeks ago

    City Of London, United Kingdom Policy Expert Full time

    Policy Expert – Cyber Security Engineer 🚀 Are you ready to transform the insurance industry? Policy Expert is a forward‑thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience. Having achieved rapid growth since being founded in 2011, we’ve won over...

  • Information & Cyber Security Engineer

    2 weeks ago

    City Of London, United Kingdom Totum Partners Full time

    Key Responsibilities The role will support the delivery of robust information security and privacy policies, processes, and practices into business operations. Providing advice and guidance on security policy compliance to manage identified risks and ensure adoption and adherence to standards. Supporting the response to discovered vulnerability information...