Cyber Security Lead

Description :About the Role :The Cybersecurity Lead for Risk & Compliance IT plays a key role in supporting the Chief Information Security Officer (CISO) for Enterprise Technology as part of the 1st Line of Defence (1LoD). This role focuses on strengthening cybersecurity governance, enabling risk-based decision-making, ensuring compliance, and supporting remediation initiatives for the Risk & Compliance IT landscape.Additionally, the role provides cybersecurity oversight across other areas of Enterprise Technology and supports broader CTO CISO team initiatives.The ideal candidate has deep expertise in cybersecurity risk management, governance, regulatory compliance, and stakeholder engagementpreferably in a complex, global, or financial services environment.Experience Required :- 7- 12 years of experience in Information Security, Cybersecurity Governance, Technology Risk, or Audit.- Experience working within financial services, global enterprises, or regulated industries is highly preferred.- Prior exposure to IT Risk, ISR, compliance frameworks, or cyber remediation programs is desirable.Key Responsibilities :- Consolidate security monitoring insights and risk reports, translating technical information into clear, business-friendly formats for technology and leadership stakeholders.- Represent Cybersecurity in key governance, risk, and leadership forums.- Ensure security requirements from the Risk & Compliance IT teams are communicated to central Cybersecurity functions and appropriately prioritized within change programs.- Collaborate with cross-functional partners including Enterprise Technology, CCO, BIRO, Enterprise Risk, and other stakeholders to ensure alignment and coverage of cybersecurity objectives.- Develop a deep understanding of cybersecurity risks across Enterprise Technology and specifically within Risk & Compliance IT, including critical assets, threat vectors, vulnerabilities, and required controls.- Lead and support cybersecurity risk assessments, issue remediation, and continuous improvement initiatives.- Ensure timely completion of remediation activities and adherence to security controls across projects and operations.- Facilitate access to cybersecurity services and provide expert guidance to IT stakeholders and project teams.- Support resolution and remediation of major cybersecurity incidents in collaboration with internal technology and business teams.- Partner with Regional Information Security Officers (RISOs) to support regulatory submissions, responses, and compliance requirements.- Coordinate with Cybersecurity central functions to manage compliance with industry frameworks such as PCI-DSS, SWIFT CSP, and internal corporate standards.- Provide support for regulatory, audit, and external assessment engagementsincluding SOX, EARS, and other mandated reviews.- Maintain documentation and evidence to support audits and regulatory examinations.Required Skills & Competencies :- Strong understanding of cybersecurity governance, risk management, and control frameworks.- Ability to interpret technical cybersecurity requirements and articulate them to non-technical audiences.- Proven experience in stakeholder management across business, technology, audit, and regulatory teams.- Strong analytical and problem-solving abilities with a structured and detail-oriented approach.- Excellent communication skills (written and verbal) with the ability to engage senior stakeholders confidently.- Ability to work independently, take ownership, and drive deliverables to completion.- Professional, adaptable, collaborative, and able to thrive in a dynamic environment.Education & Certifications :Required :- Bachelors degree in Computer Science, Information Security, Information Technology, or related field.Preferred (not mandatory) :- Industry certifications such as ISO 27001 Lead Auditor/Implementer, CISA, CISM, CISSP, CRISC, or similar.- Prior experience in IT Risk, Cyber Audit, ISR, or regulatory compliance.Additional Requirements :- Willingness to travel occasionally (domestic and international, as required).- Ability and motivation to continuously learn, adapt, and stay updated with emerging cyber risks and regulatory expectations.- Commitment to delivering exceptional service and building strong working relationships across the organization. (ref:hirist.tech)