Home

Senior Cybersecurity Lead (US Senior Cyber Lead) at Remote, Remote, USA
Email: [email protected]
From:

karthik,

RITWIK Infotech INC

[email protected]

Reply to: [email protected]

Hello Associate,

Hope you are doing well

We have the below requirement open. Please send me your genuine candidate on my email ID
[email protected]

Job title : Senior Cybersecurity Lead (US Senior Cyber Lead)

Location : Remote

Duration: Long Term

prefer candidates from EST or CST time zones

LinkedIn Must & Passport Number Must

Visa : H1B

EXP: 10+

Job Description:

Scope of Coverage

The US Senior Cyber Lead is responsible for supporting the Regional Information Security Officer (RISO) in providing regional input into and executing the Group Information Security and Cybersecurity strategy across the designated Region. The key responsibilities include managing Governance & Reporting, Information Security Risk and Remediation, Secure Business Transformation, Compliance to local legal entity regulations, and reporting the cyber risk posture to the regional legal entity boards, senior management, and risk management forums.

The role requires the ability to translate highly technical Cybersecurity concepts into consumable language, in order to support the RISO to drive continuous assessment and improvement of cybersecurity and information security risk in line with risk appetites and a constantly evolving cyber-threat landscape. The role is expected to support the execution of the global Cybersecurity strategy through a series of run-the-bank programs within their respective Region and through coordination with the central Cybersecurity functions in execution of change-the-bank programs.

This role holder will collaborate with other cybersecurity team members within the region, work in partnership with the central functions of Group Cybersecurity, the virtual team (PODs), technology teams, information security control owners, non-cyber control owners, and the regional/business Chief Controls Office to achieve their goals.

Governance & Reporting

Support the RISO with Information Security monitoring and risk reporting for the respective Regions/Country, ensuring all Cybersecurity related activities within the allocated area are shared with the RISO in a timely manner.

Support the COO, CIO, and the Heads of Technology functions in the respective Region/Country in the management of information security risks and the maintenance of an effective and robust information and cybersecurity control environment.

Leverage the global reporting capabilities (augmented to meet specific local requirements) to provide monthly updates to drive Cybersecurity control improvement initiatives.

Own all Cybersecurity related activities for respective Region/Country regardless of which organization delivers that security service.

Work closely with the RISO to ensure all Region/Country requirements are provided to the Group cybersecurity team to drive prioritization and scope definition for these capabilities and programs.

Track and report on business-critical Cybersecurity strategic transformation programs.

Support the RISO in representing Cybersecurity in relevant management and governance forums, e.g. Risk Management Meeting (RMM), IT Control Environment Management Meeting (CEMM), Cyber Security CEMM, Info Security Risk Working and Steering Group, Audit and Risk Committee.

Align with existing governance structure and drive improvement for the effective management of information security and cybersecurity controls (both cyber owned and non-cyber owned) for the respective Region/Country.

Support the RISO to deliver the Global Cybersecurity strategy for respective Region/Country following the Group Strategy with local requirements supported.

Support the RISO to build and manage local plans and budgets which identify value and cost reduction opportunities.

Promote Cybersecurity awareness and clear reporting of Region/Country initiatives, threat intelligence, etc. to improve the overall perception of Cybersecurity as an enabler for business.

Information Security Risk Management & Remediation

Responsible for understanding the risk in the respective Region/Country. Understand the Region/Country's critical assets, identify threats/vulnerabilities, and determine corresponding information security risk levels based on globally established control requirements and augmented by local or jurisdictional requirements.

Work collaboratively with the RISO to drive and support the information security and cybersecurity risk management and remediation activities for the respective Region/Country. Align with CCO, 2nd line, CTO, and local CIO teams to ensure security is developed by design and work to remediate issues identified, in a timely manner.

Ensure all remediation actions are completed within agreed timelines and work with the appropriate stakeholders within the respective Region/Country to ensure an adequate level of support and commitment is available to drive remediation.

Help the senior management in the business and technology teams to understand the risk they are making a decision on or accepting while performing business. Ensure risk sits within defined appetite and ensure that this is cascaded up the RISO in a timely manner.

Incident Management

Work with stakeholders in respective Region/Country to support the resolution/remediation of all major cybersecurity incidents.

In partnership with GCO, support the RISO in providing incident support and management in respective Region/Country.

Assess the impact of major incidents on respective Region/Country; work with the RISO and the Global Cybersecurity service lines on action plans to minimize impact.

Work with the RISO and peers to meet common Region/Country goals, linked to the risk framework i.e. operational risk simulations, MIG exercises, cyber-enabled fraud collaboration, data security reporting, exceptional access and risk reviews of regional business initiatives.

1LOD teams: ITID, Architecture, Business Continuity Management, Regional Fraud/Insider Risk Management teams, and Business Information Risk Officers.

2LOD teams: Resilience Risk Stewards, Data Privacy Officers, Regulatory compliance.

Secure Business Transformation

Partner with the business to help them achieve their strategic objectives by ensuring that cybersecurity services provided are fit for purpose. Understand business/regional/country strategies and requirements and ensure business requirements are incorporated within the cyber global investment/transformation program.

Enable secure business transformation, including support of business-led projects, divestitures, mergers, and acquisitions within the respective Region/Country as applicable while ensuring that new capabilities and entities are set up securely and adopted efficiently in the respective Region.

Ensure adherence to cybersecurity controls and enable/facilitate access to existing cybersecurity services to support the business strategy.

Determine and drive the respective requirements to be addressed by the local team members from the global security capabilities/services or central cybersecurity functions.

Support the RISO to oversee the implementation and gap assessments of global, regional, and local initiatives for respective Region/Country

Regulatory Compliance and Industry and Customer Engagement

Support the RISO to drive the management and reporting of regulatory compliance requirements for cybersecurity and information security controls in the respective region/country by collaborating with Cybersecurity central functions.

Build and maintain strong relationships with relevant regional/country associations, government agencies, forums, etc. to represent HSBC's strategic direction with regard to legal and regulatory requirements.

Ensure adherence to the three lines of defense organizational model with clear lines of responsibility, accountability, and segregation of duties.

Support the RISO in ensuring compliance with internal audit and external regulators that any organizational changes are fit-for-purpose and meet their expectations.

Face off to the region/country's legal entities for regulatory, audit, and external security engagements (where required).

Participate in Cybersecurity forums with industry peers and regional/country regulators.

Team & Stakeholder Management

Establish strong stakeholder relationships within the assigned Region/Country.

Entity management of local (within assigned Region/Country) Cybersecurity resources (where applicable).

Keywords: information technology Idaho
Senior Cybersecurity Lead (US Senior Cyber Lead)
[email protected]
[email protected]
View all
Sat May 18 00:41:00 UTC 2024

To remove this job post send "job_kill 1406754" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.


Your reply to [email protected] -
To       

Subject   
Message -

Your email id:

Captcha Image:
Captcha Code:


Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 0

Location: ,