Are you a seasoned cybersecurity risk and control professional with expertise in cloud security control design and implementation?
The role involves overseeing the development of effective cyber control capabilities and continuous improvement of the Group's cyber risk profile.
* As an organisation with a large IT estate servicing millions of customers daily, we need to ensure effective mitigations are in place to defend our assets against an ever-evolving cyber threat environment.
* The Control Lead Cloud Security is tasked with ensuring control capabilities are in place to identify security weaknesses and mitigate cyber threats to cloud-based asset classes (IaaS, PaaS, SaaS, containers) across the Group.
Key responsibilities include:
* Supporting Technology Crew Leads, Product Owners and Enterprise Architects in setting the control capability roadmap for cloud security, overseeing control operation, and delivery of control remediation to achieve target risk outcomes.
* Establishing and maintaining cloud security standards and guidelines to align with changes in industry standards, technology strategy and threat intelligence.
* Governing the Group's compliance with Cloud Security control requirements and supporting the business in tracking remediation of critical security weaknesses and improvement of overall risk posture.
* Carrying out control effectiveness assessments, identifying control weaknesses and driving appropriate risk remediation across business-owned cloud-based assets.
* Establishing automated control performance monitoring capabilities to support cloud security assurance over business-aligned technology services.