The Security & Data - Governance, Risk & Control Specialist is responsible for supporting and managing implementation activities aimed at achieving the organisation’s security and data governance, risk & control objectives.

This role:

• Sits in the first line of defence (1LOD) supports compliance with relevant laws, regulations, and industry standards related to information security and data governance, risk & control, working closely with the business to drive initiatives.
• Supports the Technology and Business functions at a local and Group level in delivering the changes needed to implement industry best practice and meet regulatory requirements.

A high level of collaboration and communication skills along with project management and GRC experience will be required, as the role will help co-ordinate the management and delivery of key changes to address new regulatory compliance requirements.

OVERALL RESPONSIBILITIES

• Liaise and manage relationships with key business stakeholders to clarify and implement the requirements to drive automation of data loss protection (DLP), data retention, and data subject rights management.
• Support and manage initiatives that deliver compliance with DORA, Operational Resilience, and Data Governance requirements.
• Support the implementation of changes to cyber security and data privacy policies and procedures, taking account of the business’ legal, regulatory and operational requirements.
• Support the implementation of a Group data governance strategy.
• Identify and review risks related to full lifecycle IT, security and data
• Define controls in line with Security & Data Governance Policies, Standards and Procedures to mitigate risks identified
• Support implementation of relevant controls across the Group.
• Test the design effectiveness and operational effectiveness of relevant controls on a periodic basis, and report on effectiveness.
• Provide regular updates to senior management on progress of related projects.
• Stay updated on industry trends, best practices, and regulatory changes related to data governance, security, and operational resilience.

This role:

• Sits in the first line of defence (1LOD) supports compliance with relevant laws, regulations, and industry standards related to information security and data governance, risk & control, working closely with the business to drive initiatives.
• Supports the Technology and Business functions at a local and Group level in delivering the changes needed to implement industry best practice and meet regulatory requirements