Roles & Responsibilities
Strategic & Governance Leadership
- Deputise for the Head of Information Security at ITLT, OpCom, RiskCom and Advisory Board as required.
- Define, maintain and mature the Information Security Strategy aligned to Technology Directorate and firm objectives.
- Establish governance mechanisms to ensure effective security oversight.
- Own annual review and update of Information Security Terms of Reference.
- Ensure security roles, responsibilities and training plans are defined and maintained.
Regulatory & Policy Oversight
- Own the Information Security Policy framework and supporting standards.
- Ensure mapping of regulatory and industry standards (e.g. GDPR, ISO 27001) to firm policies.
- Oversee annual policy attestation and compliance reporting.
- Lead audit readiness and regulatory engagement.
Risk & Assurance