Head of IT Legal Regulatory Compliance - Sunbury - 6 Months - £1000 - £1200


Premium Job From ABWRecruitment

Recruiter

ABWRecruitment

Listed on

31st May 2018

Location

Sunbury-on-Thames

Salary/Rate

£1000 - £1200

Type

Contract


My client, an energy trading company based in Sunbury, requires a Head of IT Legal & Regulatory Compliance.

Role synopsis

Cyber security is one of my client's highest-priority Group risks and is overseen by Digital Security & Risk (DSR). Digital Security & Risk is a team of approximately 150 FTE who work to protect my client's information and IT systems in collaboration with the wider business.

The Head of IT Legal & Regulatory Compliance plays a key role in the Governance, Risk & Compliance team within DSR. This global role is responsible for driving compliance with all IT legal and regulatory regimes. These include Sarbanes-Oxley (SOX), the Payment Card Industry Data Security Standard (PCI DSS), new cyber security legislation, the IT and security aspects of privacy legislation, and other regulatory requirements. The role holder works with and influences multiple IT&S service owners to drive compliance, and collaborates with stakeholders in a number of Group Functions such as Group Control, Group Legal and Data Privacy.

This is a new role, created because of the increasing volume of legal and regulatory requirements affecting cyber security and the wider IT environment.

Key accountabilities

- Management of the compliance team.
- Set legal & regulatory compliance strategy, processes and tooling, working closely with the Head of IT Governance & Requirements.
- Influence Group-wide cyber security policies, standards and best practices in line with compliance requirements.
- Drive SOX and PCI DSS compliance activity, including planning, scoping, management assessment and liaison with auditors/assessors.
- Define and lead execution of the activity required to allow the company to work towards compliance with new cyber security and privacy legislation globally.
- Lead and manage all IT external audit activity across the Group.
- Lead Ethics & Compliance for IT&S in line with Group requirements.
- Produce high-quality compliance deliverables for consumption by various Group-wide senior stakeholders, including IT&S due diligence reporting.
- Represent IT legal and regulatory matters at IT&S governance forums as required.
- Manage senior stakeholders in sectors and other Group Functions such as Group Control, Group Legal and Data Privacy.
- Maintain IT compliance status and identify the actions and owners required to address gaps.
- Monitor market trends and liaise with third parties, including industry peers, vendors, governments and consulting firms, to foster collaboration and leverage the latest thinking.

Essential education

- Current security qualification (CISSP, CISM or equivalent, e.g. full membership of the IISP).
- Degree-level qualification.

Essential experience and job requirements

- Experience of implementing and operating legal and regulatory compliance services in a large, multinational organisation.
- Experience of managing security, compliance or audit teams.
- Security and IT compliance experience covering IT processes, cyber security, internal controls over financial reporting and PCI DSS.
- Experience of managing external audit relationships.
- Excellent written communication of technology, cyber security and business issues up to Board level in major corporations, with clarity, focus and high impact.
- Experience of stakeholder management with government institutions.
- Ability to deal with and influence multi-cultural groups of stakeholders and to work Group-wide across functions, segments and reporting lines.
- Track record of building networks with other teams to enhance effectiveness.
- Experience of directly and indirectly managing teams of permanent and contract staff.
- Excellent attention to detail.

Desirable criteria & qualifications

- RSA Archer and/or SAP GRC experience.
- Internal or external audit experience.
