Cyber Security Lead

Description

Experience Required

• 7- 12 years of experience in Information Security, Cybersecurity Governance, Technology Risk, or Audit.
• Experience working within financial services, global enterprises, or regulated industries is highly preferred.
• Prior exposure to IT Risk, ISR, compliance frameworks, or cyber remediation programs is desirable.
  

Key Responsibilities

• Consolidate security monitoring insights and risk reports, translating technical information into clear, business-friendly formats for technology and leadership stakeholders.
• Represent Cybersecurity in key governance, risk, and leadership forums.
• Ensure security requirements from the Risk & Compliance IT teams are communicated to central Cybersecurity functions and appropriately prioritized within change programs.
• Collaborate with cross-functional partners including Enterprise Technology, CCO, BIRO, Enterprise Risk, and other stakeholders to ensure alignment and coverage of cybersecurity objectives.
• Develop a deep understanding of cybersecurity risks across Enterprise Technology and specifically within Risk & Compliance IT, including critical assets, threat vectors, vulnerabilities, and required controls.
• Lead and support cybersecurity risk assessments, issue remediation, and continuous improvement initiatives.
• Ensure timely completion of remediation activities and adherence to security controls across projects and operations.
• Facilitate access to cybersecurity services and provide expert guidance to IT stakeholders and project teams.
• Support resolution and remediation of major cybersecurity incidents in collaboration with internal technology and business teams.
• Partner with Regional Information Security Officers (RISOs) to support regulatory submissions, responses, and compliance requirements.
• Coordinate with Cybersecurity central functions to manage compliance with industry frameworks such as PCI-DSS, SWIFT CSP, and internal corporate standards.
• Provide support for regulatory, audit, and external assessment engagementsincluding SOX, EARS, and other mandated reviews.
• Maintain documentation and evidence to support audits and regulatory examinations.
  

Required Skills & Competencies

• Strong understanding of cybersecurity governance, risk management, and control frameworks.
• Ability to interpret technical cybersecurity requirements and articulate them to non-technical audiences.
• Proven experience in stakeholder management across business, technology, audit, and regulatory teams.
• Strong analytical and problem-solving abilities with a structured and detail-oriented approach.
• Excellent communication skills (written and verbal) with the ability to engage senior stakeholders confidently.
• Ability to work independently, take ownership, and drive deliverables to completion.
• Professional, adaptable, collaborative, and able to thrive in a dynamic environment.
  

Required

Education & Certifications :

• Bachelors degree in Computer Science, Information Security, Information Technology, or related field.
  

Preferred (not Mandatory)

• Industry certifications such as ISO 27001 Lead Auditor/Implementer, CISA, CISM, CISSP, CRISC, or similar.
• Prior experience in IT Risk, Cyber Audit, ISR, or regulatory compliance.
  

Additional Requirements

• Willingness to travel occasionally (domestic and international, as required).
• Ability and motivation to continuously learn, adapt, and stay updated with emerging cyber risks and regulatory expectations.
• Commitment to delivering exceptional service and building strong working relationships across the organization.