Ciso Chapter Area Lead

**The Role**:
The CISO Chapter Area Lead role has been created as part of re-energising our CISO function. Our CISO function comprises of Cyber Defence Centre, Business and Operational Resilience, Governance, Risk & Compliance, Privacy & Information Management, Strategy & Operating Office and Security Innovation & Enablement.

This role sits in our Security Innovation & Enablement team with the purpose of the role to enable our business in their BAU, change and run initiatives whilst remaining secure and resilient.

You will be working closely with our product areas (e.g. Tribe Leads, Engineering Chapter Area Leads, Product Owners etc) and act as the glue between the business and the CISO function to promote an environment and culture of continuous improvement, experimentation and innovation.

**N.B **This is a hybrid based role and whilst we don't have set office days there would be an expectation that you would need to be available to come into our central London office c.1-2 per week depending on business requirements.

**What you’ll be doing**:

- Responsible for ensuring that squads operate the relevant CISO capabilities when executing change initiatives and in operational run state
- Advise our product areas on the most efficient way to deliver change whilst remaining secure and resilient
- Gate keeper of the CISO Front Door process to ensure any business lead change or run initiatives requirements are prioritised and implemented in line with CISO policies, standards and frameworks. Act as the bridge between our business and CISO function to enable quicker, secure and resilient implantation of changes
- Responsible for developing other chapters to become more T-Shaped and embed security privacy, and resilience in their thinking and approaches to support the shift-left principles
- Responsible for ensuring CISO’s regulatory and compliance obligations are fulfilled in line with our risk management framework within the relevant product areas
- Managing team members directly with the team or part of a cross functional team - direct line management or matrix line management to ensure we develop our people to grow and excel
- Develop and maintain an in-depth understanding of our product are, customer partners, third parties, processes, technologies, and data
- Act as an escalation point for the CISO and product area to enhance collaboration and agility
- Build long term relationships with partners to deliver multi-year strategic plan(s) and the need to move to emerging new technologies as our business needs change
- Required to be a thought leader able to think strategically and innovatively to support business outcomes and to be build on ideas for improvement, supporting overarching CISO strategy and architectural principles.
- Responsible for representing and managing all aspects of CISO services across all business lines and groups across the DLG enterprise supporting business and technology outcomes and providing a holistic view across all tribes

**What you’ll need**:

- A deep understanding of cyber security privacy and resilience controls, threat modelling, risk management
- Ability to build relationships and influence stakeholders both technical and non technical at all levels including strong conflict resolution and negotiation skills
- A keen interest in technology, regulatory and resilience focus: passionate about major trends in new ways of working, including Lean IT, continuous delivery, cloud processes, etc.
- Knowledge of risk management and reduction methods.
- Proficiency in developing and managing high performing cross functional teams.
- Strong communicator able to build rapport at all levels and experience with an inspiring and clear approach and ability to inspire by leading by example.
- Experience/Knowledge of
- PCI DSS processes and best practice assurance methodologies.
- Data Protection Act, EU GDPR and associated regulatory requirements
- NIST and ISO standards about Information Security and Business Continuity.
- Experience with information security management processes, practices and technical countermeasures.
- Experience with outsourced vendor governance and security management practices.
- Experience managing others, either directly or via matrix management

LI-GS1

LI-HYBRID

**Ways of Working**:
Our mixed model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. How much you'll be in the office depends on your role, and we'll consider the flexible working options that work best for you.

Read our flexible working approach here.

**Benefits**:
We recognise we wouldn't be where we are today without our colleagues, that's why we offer excellent benefits designed to suit your lifestyle:

- 9% employer contributed pension
- 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover
- Additional optional Health and Dental insurance
- Up to 20% bonu