Cyber Resilience Officer with DORA
Our Client is an international bank with offices based in Central London.
They are looking to recruit a Cyber Transformation expert with experience of DORA.
The purpose of this new role is to support the Business Transformation, Resilience & Oversight Manager and the direct team in both: 1) the execution/ongoing management of the bank's Cyber Resilience activities and 2) the new Cyber Security and Digital Operational Resilience Act (DORA) related capabilities.
This is an opportunity for a motivated self-starter, with a can-do mindset and the ability to connect information from various sources to help build a connected resilient organisation.
The candidate will have the opportunity to strengthen and demonstrate strong knowledge of cyber resilience and the new DORA requirements coming into effect in January 2025.
Accountabilities and Duties:
This is an overview list of responsibilities. Collaborating with your line manager, you will develop your own objectives by focusing on the below and more.
- Support stakeholders across the Bank in assessing, understanding and managing cyber risk and bringing awareness on the topic.
- Conduct gap analysis and provide solutions to ensure compliance and alignment with DORA requirements.
- Support DORA compliance by coordinating the activities required across all six pillars of DORA: ICT Risk Management, ICT related Incident Reporting, Digital Resilience Testing, Information Sharing, ICT Third Party Risk and General Governance Principles.
- Stay up to date with the changing cyber risk landscape, emerging threats, regulatory requirements and cybersecurity industry best practices in the UK and EU (e.g. Network and Information Security (NIS2) Directive).
- Plan and execute DORA deliverables in cooperation with similar initiatives e.g. Operational Resilience, Business Continuity and Incident Management.
- Design and oversee regular testing exercises to evaluate the effectiveness of Digital Resilience and Cyber Security, contributing to the Bank’s overall resilience.
- Collaborate with various teams and departments including close partnership with the IT and Risk teams to drive a collaborative firm-wide approach to cyber resilience.
- Conduct reviews on third parties’ cyber resilience as part of the third-party risk management process.
- Act as cyber resilience SME and champion on projects/change initiatives.
- Around 5 years of experience within Financial Services or Consultancy (familiarity with banking products and services).
- Comprehensive understanding and experience of cyber resilience principles/practices including experience in information security, business continuity planning, business impact assessments, crisis management and cyber security.
- Working knowledge and/or expertise of ISO27001, NIST, CAF or other industry standards.
- Knowledge and general understanding of EU Digital Operational Resilience Act (DORA) and Network and Information Security (NIS2) Directive.
- Knowledge of EBA Outsourcing Guidelines, PRA SS2/21 (Outsourcing and TPRM), ESMA Guidelines on Outsourcing to Cloud Service Providers and UK Operational Resilience regulatory requirements is advantageous.
- A team player with the ability to work independently and to manage and prioritise work to meet set deadlines.
- Excellent problem solving and analytical skills with the ability to adapt within a changing environment.
- Solid presentation skills with experience of facilitating meetings and workshops at all seniority levels.
- Great communicator with the ability to build relationships (both 1-to-1 and through existing governance forums) and influence key stakeholders.
- Strong expertise in using Microsoft applications (including Excel, Visio). Previous experience in producing PowerPoint presentations for senior management/audiences.
Salary circa £70K - £90K
The position is hybrid 3 days a week in the office in Central London.
Do send your CV to us in Word format along with your salary and notice period.