
Senior Cybersecurity Lead (US Senior Cyber Lead) at Remote, Remote, USA
Email: [email protected]
Hello Associate,

Hope you are doing well

We have the below requirement open. Please send me your genuine candidate on my email ID [email protected]

Job title : Senior Cybersecurity Lead (US Senior Cyber Lead)

Location : Remote

Duration: Long Term

Prefer candidates from EST or CST time zones

LinkedIn Must  & Passport Number Must

Visa : H1B

EXP: 10+

Job Description:

Scope of Coverage

The US Senior Cyber Lead is responsible for supporting the Regional Information
Security Officer (RISO) in providing regional input into and executing the
Group Information Security and Cybersecurity strategy across the designated
Region. The key responsibilities include managing Governance & Reporting,
Information Security Risk and Remediation, Secure Business Transformation,
Compliance to local legal entity regulations, and reporting the cyber risk
posture to the regional legal entity boards, senior management, and risk
management forums.

The role requires the ability to translate highly technical Cybersecurity concepts
into consumable language, in order to support the RISO to drive continuous
assessment and improvement of cybersecurity and information security risk in
line with risk appetites and a constantly evolving cyber-threat landscape. The
role is expected to support the execution of the global Cybersecurity strategy
through a series of run-the-bank programs within their respective Region and
through coordination with the central Cybersecurity functions in execution of
change-the-bank programs.

This role holder will collaborate with other cybersecurity team members within the
region, work in partnership with the central functions of Group Cybersecurity,
the virtual team (PODs), technology teams, information security control owners,
non-cyber control owners, and the regional/business Chief Controls Office to
achieve their goals.

Governance & Reporting

- Support the RISO with Information Security monitoring and risk reporting for the respective Regions/Country, ensuring all Cybersecurity related activities within the allocated area are shared with the RISO in a timely manner.
- Support the COO, CIO, and the Heads of Technology functions in the respective Region/Country in the management of information security risks and the maintenance of an effective and robust information and cybersecurity control environment.
- Leverage the global reporting capabilities (augmented to meet specific local requirements) to provide monthly updates to drive Cybersecurity control improvement initiatives.
- Own all Cybersecurity related activities for respective Region/Country regardless of which organization delivers that security service.
- Work closely with the RISO to ensure all Region/Country requirements are provided to the Group cybersecurity team to drive prioritization and scope definition for these capabilities and programs.
- Track and report on business-critical Cybersecurity strategic transformation programs.
- Support the RISO in representing Cybersecurity in relevant management and governance forums, e.g. Risk Management Meeting (RMM), IT Control Environment Management Meeting (CEMM), Cyber Security CEMM, Info Security Risk Working and Steering Group, Audit and Risk Committee.
- Align with existing governance structure and drive improvement for the effective management of information security and cybersecurity controls (both cyber owned and non-cyber owned) for the respective Region/Country.
- Support the RISO to deliver the Global Cybersecurity strategy for respective Region/Country following the Group Strategy with local requirements supported.
- Support the RISO to build and manage local plans and budgets which identify value and cost reduction opportunities.
- Promote Cybersecurity awareness and clear reporting of Region/Country initiatives, threat intelligence, etc. to improve the overall perception of Cybersecurity as an enabler for business.

Information Security Risk Management & Remediation

- Responsible for understanding the risk in the respective Region/Country. Understand the Region/Country's critical assets, identify threats/vulnerabilities, and determine corresponding information security risk levels based on globally established control requirements and augmented by local or jurisdictional requirements.
- Work collaboratively with the RISO to drive and support the information security and cybersecurity risk management and remediation activities for the respective Region/Country. Align with CCO, 2nd line, CTO, and local CIO teams to ensure security is developed by design and work to remediate issues identified, in a timely manner.
- Ensure all remediation actions are completed within agreed timelines and work with the appropriate stakeholders within the respective Region/Country to ensure an adequate level of support and commitment is available to drive remediation.
- Help the senior management in the business and technology teams to understand the risk they are making a decision on or accepting while performing business. Ensure risk sits within defined appetite and ensure that this is cascaded up to the RISO in a timely manner.

Incident Management

- Work with stakeholders in respective Region/Country to support the resolution/remediation of all major cybersecurity incidents.
- In partnership with GCO, support the RISO in providing incident support and management in respective Region/Country.
- Assess the impact of major incidents on respective Region/Country; work with the RISO and the Global Cybersecurity service lines on action plans to minimize impact.
- Work with the RISO and peers to meet common Region/Country goals, linked to the risk framework i.e. operational risk simulations, MIG exercises, cyber-enabled fraud collaboration, data security reporting, exceptional access and risk reviews of regional business initiatives.
- 1LOD teams: ITID, Architecture, Business Continuity Management, Regional Fraud/Insider Risk Management teams, and Business Information Risk Officers.
- 2LOD teams: Resilience Risk Stewards, Data Privacy Officers, Regulatory compliance.

Secure Business Transformation

- Partner with the business to help them achieve their strategic objectives by ensuring that cybersecurity services provided are fit for purpose. Understand business/regional/country strategies and requirements and ensure business requirements are incorporated within the cyber global investment/transformation program.
- Enable secure business transformation, including support of business-led projects, divestitures, mergers, and acquisitions within the respective Region/Country as applicable while ensuring that new capabilities and entities are set up securely and adopted efficiently in the respective Region.
- Ensure adherence to cybersecurity controls and enable/facilitate access to existing cybersecurity services to support the business strategy.
- Determine and drive the respective requirements to be addressed by the local team members from the global security capabilities/services or central cybersecurity functions.
- Support the RISO to oversee the implementation and gap assessments of global, regional, and local initiatives for respective Region/Country.

Regulatory Compliance and Industry and Customer Engagement

- Support the RISO to drive the management and reporting of regulatory compliance requirements for cybersecurity and information security controls in the respective region/country by collaborating with Cybersecurity central functions.
- Build and maintain strong relationships with relevant regional/country associations, government agencies, forums, etc. to represent HSBC's strategic direction with regard to legal and regulatory requirements.
- Ensure adherence to the three lines of defense organizational model with clear lines of responsibility, accountability, and segregation of duties.
- Support the RISO in ensuring compliance with internal audit and external regulators that any organizational changes are fit-for-purpose and meet their expectations.
- Face off to the region/country's legal entities for regulatory, audit, and external security engagements (where required).
- Participate in Cybersecurity forums with industry peers and regional/country regulators.

Team & Stakeholder Management

- Establish strong stakeholder relationships within the assigned Region/Country.
- Entity management of local (within assigned Region/Country) Cybersecurity resources (where applicable).

--

Fri May 17 21:54:00 UTC 2024
