Save time and effort sourcing top tech talent
hackajob is partnering with Capital One to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.
Cyber security is an integral part of our culture, and as an industry leader within financial services, it is vital that we all play our part in keeping customers’ data secure. We see security as an enabler and differentiator to enable business innovation and growth, rather than a step in a compliance process.
This role sits in our UK ISO (Information Security Office) team, and will work to embed a positive security culture and to ensure that security risks are properly understood and managed. Working both internally across UK Cyber, and with the wider business, this position will play a key role in solving business problems within cyber guard rails and building pragmatic security controls into our day to day operational processes.
You will also work with technical subject matter experts within our Advisory ISO team to ensure that we communicate technical information in accessible terms for business audiences, including senior management. This is a key part of our drive to communicate a consistent data-driven, risk-based set of priorities and updates.
What you will do:
Engage with business functions, projects and activities to ensure that key business processes deliver security balanced with ease of use - making the secure way the easy way to operate.
Provide a forward-looking view to Cyber of business activities which affect current understanding of cyber risk, and update business functions on relevant Cyber projects.
Provide cyber consultancy to business stakeholders and UK Cyber teams.
Support work to increase awareness of cyber risk across key business stakeholders.
Review existing processes to identify cyber risks, and propose any required mitigating work.
Assess compliance with Cyber policies and standards.
Work with Advisory ISO colleagues to ensure that we present consistent, compelling narratives on risks associated with cyber vulnerabilities.
What we are looking for
Practical experience of working in or leading components of a structured security programme, working with business teams to identify and manage cyber risk.
Demonstrable experience in cyber risk analysis, assessment and mitigation.
Experience in a financial or highly regulated environment.
A detailed understanding of ISO 27001, ITIL, COBIT, PCI DSS and NIST Cyber Security Frameworks.
Working knowledge of GDPR.
Relevant security certifications such as CISSP, CISM, CISA, CRISC, ISEB Certificate in Information Security Management Principles.
Effective written and verbal communication skills.
hackajob is partnering with Capital One to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.