Regional Security Officer, North America

About The Position

Requirements

• A passion for Cyber and Physical security and technology in general.
• A mature understanding of security trends, tools, technologies, processes and procedures.
• A good understanding of relevant local regulations.
• Security risk and compliance management.
• Proactive situation management, innovative and critical thinker with tactical execution.
• Data/intelligence gathering and analysis.
• Incident, response and crisis management.
• Ability to build and maintain liaison partnerships with government and non-government bodies.
• Excellent communication skills, both written and verbal.
• High quality planning, prioritisation, and organisational skills.
• Stakeholder management.
• Self-driven.
• Proactively manage risk, meeting all policy and compliance requirements; perform controls; adhere to processes and procedures pertinent to the role; conduct security reviews and escalate events, issues or breaches as they are identified.
• Must have 8+ years in Cyber Security, with Physical Security experience considered a significant advantage.
• Proven ability to operate and deliver within large, multi-time-zone organisations, preferably banking/financial services.
• Track record of providing high quality, accurate insights that help drive decision making.
• A proven record of improving business outcomes and capabilities.
• Experience handling audits and regulatory inspections.
• Ex-Government law enforcement/intelligence experience preferred.
• Knowledge of cyber-security processes and frameworks, such as ISO27000 series, NIST, COBIT.
• Good understanding of banking/finance compliance obligations, relevant regulations, industry requirements and their linkage to processes.

Nice To Haves

• Preference for relevant tertiary/post-graduate qualifications - degree in Computer Science / information systems or equivalent technical qualification.
• Cyber Security, Governance, Architecture or technology related certifications will be an advantage. (CISSP, CISM, SABSA)
• Demonstrated ability within physical security, supported by appropriate licensing in the field
• Business acumen in banking / financial services industry will be an advantage

Responsibilities

• Proactively identify regional regulatory, and operational requirements and ensure they are embedded within Group Security processes.
• Act as a conduit between Group Security and the region by representing regional perspectives and advocate for regional priorities to Group Security leadership and being the voice for Group Security at regional forums.
• Engage with Group Security leadership to ensure alignment of Group Security and regional objectives.
• Contribute towards Group Security goals, commitments and strategy outcomes, document measures and track progress.
• Drive continuous improvement of delivery and operational processes through monitoring of technology development and trends, identifying and capitalising on opportunities, and collaboration with teams across sub-domains.
• Conduct information security activities as required, including but not limited to: ✓ Monitor security performance metrics; ✓ Participate or lead in regional regulatory compliance assessments, external assurance activities or regulatory inspections on behalf of Group Security; ✓ Participate in major information security incident forums, partner with regional compliance teams and assess for regional regulatory notification requirements; ✓ Participate in local governance activities; ✓ Engage with local intelligence and law enforcement groups; ✓ Oversee physical security systems such as CCTV, alarms; ✓ Be accountable for physical security risk management advice and guidance and protective security, including but not limited to, Executive Protection, Emergency Management, Real-Time Incident Response, Travel Security, Event Security Assessments and Management, Physical Security, Threat Intelligence and Risk Assessment and De-escalation Training; ✓ Provide regular and/or proactive ad-hoc reporting such as Risk Management Committee reports, Situational Updates to global Fusion Centre – geopolitical, unrest, protest etc. ✓ Oversee relevant regional vendor relationships and coordinate related activities; ✓ Enhance security culture and awareness in the region; ✓ Act as Business Continuity Coordinator who ensures all business units have Business Continuity Plans in place and branch -wide plans are tested each year in line with global enterprise resilience requirements through effective relationship with key stakeholders.
• Risk and compliance escalation
• Performance improvement locally and contribute to the broader group
• Incident management
• Workforce engagement
• Productivity and efficiency