The Cyber Defence Assurance Senior is a key role within the Global Information and Cyber Security Defence (ICSD) function, they will support global teams such as the Global Security Operation Centre and the Threat Discovery and Investigation Team by providing a quality assurance function that will support continuous service improvements for Incident response.
The successful candidate will work closely with the Cyber Defence Assurance Team Manager and Principals to ensure that an assurance function, front door for audit requirements Incidents is well managed throughout their lifecycle. They will also contribute to the updating and amending of process and procedural documents for the teams.
We are looking for a collaborative team player, with brilliant coordination and communication skills who enjoys operating in a fast-paced environment. Communication with partner teams, and a passion for improvements will be key to success. The successful candidate will be expected to build strong relationships with WTW’s Global Security Operations Centre and other Information Cyber Security Defence (ICSD) Teams.
The individual will contribute to and work as part of a global multi-disciplined security community with clear vision and direction, and top-down support across the business. They will help the wider community in fostering a culture which is both security aware and is a great place to come to work. WTW has a large global footprint, and the successful individual will find a fascinating range of work.
The Role
The Cyber Defence Assurance Senior will provide global assurance support for the information Cyber Security Defence (ICSD) teams, responsibilities of this role will include:
Deputise where required for the Cyber Defence Assurance Team Principal. Liaison with management across Information Cyber Security Defence (ICSD) teams, including interfacing with incident response management, user awareness and communications colleagues, and wider technical teams. Contribute to the creation of and delivery of presentations and briefings as required to key, senior stakeholders. Generating reports for technical and non-technical stakeholders, including the creation of documentation, executive packs, or detailed reports to provide narrative of complex subjects to board/senior level management. Assist with the development of metrics and Key Performance Indicators to drive maturity.Conduct Quality Assurance process for cyber security incidents to ensure that policy, process, and best practice is followed. Contribute to the monthly Lessons Learned process for cyber incident response to support continuous improvements. Support teams by helping define, shape, and write Information and Cyber Defence processes and procedures to support continuous service improvements and audit management action plans Support the audit checks on ICSD Leavers, coordinating with peer ICSD managers ensuring accounts are closed down and documented evidence is obtained for audit purposes. Assist in responding to ICSD audit requests, ICS Client assurance client requests, and general information gathering. Support ICSD Control owners with audit requests, tracking and gathering the evidence requested. Work with the MI/BI lead in WTW to ensure ICSD have relevant and timely published reports, and shape future ICSD reporting requirements. Tracking of ICSD actions as required for various working groups and projects including the Incident Trends Working Group, Lessons Learned. Coordination of workshops, capturing minutes, actions, and business decisions. May be required to support the Cyber Defence Assurance Manager and Principals with other taskings.
The Requirements
We are looking for a candidate for the Cyber Defence Assurance Senior who has the following:
Have a people focused approach that displays trustworthy, professional attributes to deliver innovative approaches to your work.Experience and knowledge of cyber security Incident response and the lifecycle.Knowledge and understanding of Information Security and IT concepts.Knowledge of security standards, frameworks such as NIST, ISO27001, regulations and legislation.Has strong verbal and written communication skills, interpersonal collaborative skills, and the ability to communicate security and risk-related concepts to both highly technical and non-technical audiences.Ability to compile data, identify root cause analysis and provide this to key decision makers.Experience of undergoing audits or inspections and evidence collection.Experience of capturing minutes, actions, and business decisions.Able to identify emerging risks and trends and provide statistical analysis of information.Excellent organisational and prioritisation skills with strong attention to detail.Experience of conducting Quality Assurance to ensure that standards, frameworks, and best practices are followed.Knowledge of common security controls, detection capabilities, and other solutions for securing digital environments.WTW is an Equal Opportunity Employer