Job description
Our UK Information Security Team is growing and its scope covers the full breadth of information security disciplines, including privacy. We already have excellent relationships with our stakeholders, including system owners, senior management and IT teams in the UK and Sweden. To help these stakeholders provide excellent support to our branches and customers we are looking for an additional team member who is passionate about building innovative and pragmatic solutions and who would value our open collaboration with stakeholders.
Main ResponsibilitiesThe main purpose of the Information Security Consultant role is to:
- Represent Information Security with Business stakeholders as a trusted advisor, finding pragmatic and cost-effective security solutions that efficiently support customer needs.
- Act as a specialist owner of 1 or more of the team’s security processes, systems or frameworks, maintaining specialist knowledge and continually evolving the process, system or framework with reference to the bank’s global and local system & process owners, regulation & good practice.
- Provide appropriate specialist advice and interpretation of Information Security best practice and UK regulatory requirements to a range of different stakeholders as new products, processes and systems are developed
- Lead risk & control assessments using defined processes, for example external supplier due diligence, privacy impact assessments and project security.
- Develop and lead innovative and effective training and awareness activities for information security and privacy, to ensure effective colleague engagement and awareness.
- Lead assurance activities to assess the effective implementation and operation of systems and controls to manage the information security risks;
- Respond to queries from our branches and other colleagues on information security to ensure effective risk management of information security;
- Act as lead Duty Incident Manager on a shared rota basis to manage information security and personal data breaches in accordance with defined incident management processes, ensuring impacts and risks are appropriately identified, assessed and mitigated;
Deputise for elements of the reporting manager’s role, on an ad-hoc basis, to cover absences, periods of increased workload, etc.
The Ideal CandidateKey Skills:
- Solid, practical and demonstrable experience of information security (technical and non-technical aspects), including good understanding of privacy
- plan, organise and prioritise tasks and projects effectively
- pragmatic, and effectively balances risk and control requirements with commercial drivers
- ability to solve problems creatively and effectively
- positive, collaborative and builds and maintains effective relationship with others
able to influence decision making to surface and mitigate issues and risks across a wide range of stakeholders
About The CompanyHandelsbanken is a relationship bank with a decentralised way of working, a strong local presence thanks to a nationwide network of branches, and a long-term approach to customer relations. Each Handelsbanken branch operates as a local business enabling it to make decisions at a local level and provide a bespoke service. The focus is always on the need of the individual customer and not on the sale of specific products.
The Bank is deeply committed to embedding good equality and diversity practice into all of our activities. This is so that we are an inclusive, welcoming and inspiring place to work that encourages everyone to apply, regardless of socio-economic background, age, disability, pregnancy and/or parental status, race (including colour, nationality, and ethnic or national origin), veteran status, marital and civil partnership status, religion or belief, sex, gender reassignment or sexual orientation.