DESCRIPTION

We are seeking a vibrant Cyber Security Portfolio and Programme Director with solid budgetary and portfolio management experience in financial or insurance services and delivery experience leading complex transformational programmes in cyber security.
A cyber security leader who can communicate and manage relationships with senior stakeholders, build compelling transformation journeys and be a key player in their delivery.
You will have proven experience in helping businesses to shape and deliver complex cyber security programmes of change that deliver value, security, agility and efficiency. You will, as a trusted cyber security programme director, be directly responsible for outlining the overall cyber security programme vision to business leaders and then working in progressively more detail to help the whole enterprise successfully deliver the programme.
The Cyber Security Programme Director will be responsible for ensuring WTW meets its cyber security standards and objectives by successfully driving a continuous programme of investment and change.
The successful candidate will be action oriented, a pro-active person with a focus on building trust for effective teamwork with broad international experience and a willingness to travel when necessary.
The Security Programme Director will report to the Chief Information Security Officer with responsibility for providing senior security programme leadership and guidance to cross functional teams on security technologies and design. The role will be pivotal in providing direction and recommendations to improve the overall security posture of WTW
The ideal candidate must be able to demonstrate that they have driven significant business impact through risk reduction and maturity across all technology disciplines contributing to an overarching security posture. Additionally you must be comfortable providing advice to C-suite leaders, business leaders and senior technologists across our diverse business and directing partners and consulting teams on WTW’s well-established security controls and frameworks.
This role will be responsible for the day-to-day management of demand and activities, ensuring work is appropriately prioritised and progress is reported against. The role is expected to promote the quality of team outcomes through peer reviews and serve as a mentor and encourage the personal development of other team members.

THE REQUIREMENTS

• Experience in program and project management, ideally are program and portfolio director
• Experience in cybersecurity strategy planning
• Experience identifying and assessing risks to the organization’s business.
• Experience crafting and executing Information Security initiatives, including capturing and redefining requirements into impactful work items
• Experience driving cross-functional initiatives according to plan and timelines
• Experience with some cybersecurity technologies and systems, such as firewalls, intrusion detection systems, and security information and event management (SIEM) systems.
• Experience with cybersecurity frameworks and standards (such as the NIST Cybersecurity Framework and ISO/IEC 27001)
  At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organisation. We embrace all types of diversity.
  We’re committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email candidate.helpdesk@willistowerswatson.com

• Directors and delivers the development, implementation, monitoring and communication of the cybersecurity program and related activities.
• Lead multi-functional team coordination, opportunity screening, benefit/cost analysis, vendor selection, schedule and budget oversight, management of consultants/contractors, issue resolution, and reporting.
• Coordinates with internal and external legal, contracting, procurement, finance, and communications departments to ensure successful project rollout and streamline communications.
• Through the program governance structures presents cybersecurity program status reports to senior management.
• Through the use of data and evidence is able to quantify risk reduction and overall programme status towards delivery of desired outcomes.
• Provides metrics and artifacts supporting audit activities
• Performs cybersecurity operations management and project management
• Ensures project-defined deliverables are provided on time and have been quality reviewed (e.g., SOPs, Configuration Guides, Training Documentation, Project Schedules)
• Provides knowledge and expertise in government regulatory processes and documentation, including but not limited to Risk Management Approach (RMA), National Institute of Standards and Technology (NIST) standards, and policies and procedures
• Works with external stakeholders to understand operational needs and develop effective processes
• Maintains a current understanding of industry trends, emerging cyber threats, and new solutions which may impact the environment
• Works with key stakeholders across the organization to ensure that the cybersecurity program aligns with business objectives, mission, and values by developing comprehensive strategies and tactics