(Cybersecurity) Business Enablement Risk Lead

Technologies we use

Your responsibilities

• The CST Business Engagement risk lead will drive and deliver the following services in conjunction with the CST team and individual Global Business/Global Function/Regional (GB/GF/Regional) CBE teams:

• Work with control and service owners to agree strategy, roadmap and architecture business cases to meet GB/GF/Reg needs

• Work with the strategy and architecture team, risk and control owners, GRC and CBE team (BISOs, RISOs, Cyber delivery and consulting leads) to identify global gaps or opportunities for improvement, highlighted in audits and emerging from evolving regulatory requirements.

• Assist Cybersecurity capability leads/ Product Owners/ project teams to prioritise demand based on GB/GF/Reg risk return on investments, change feasibility and the mandatory nature of change (regulations).

• Liaise with CBE delivery and consulting leads in respective GB/GF/Reg to identify requirements and strategy for central change initiatives.

• Gather CISO, strategy, architecture and GB/GF requirements regions and business via the CBE teams within respective GB/GF/Reg. (for example by participating in their Business Cyber Defense forums, Business-Cyber delivery forums, RCMM’s etc.) Via the CBE team, understand local business strategy and direction, with focus on information security as input in development of the transformation and strategic plans. Liaise with Strategy and Service Management team within CST to assist with overall business case development and investment planning.

• Support change programme management in relation to GB/GF/Reg:

• Support coordination and facilitate discussion between Cybersecurity capability leads/ Product Owners/ project teams; technology and the CBE team (BISOs, RISOs, Cyber delivery and consulting leads) to define qualitative and quantitative benefits of the change.

• Assist Cybersecurity capability leads/ Product Owners/ project teams to understand the path of adoption for the work they are doing.

• Work with Cybersecurity capability leads/ Product Owners/ project teams to ensure strategies, roadmaps and architecture meet requirements from CBE teams

• Support and facilitate the Business Case (Investment Feasibility) development process and support in relevant approval/ sign off. Work with CBE team (RISO & BISO, cyber delivery and consulting leads) to manage stakeholders within GB/GF/Reg.

• Coordinate change delivery/ deployment across recipients of change (i.e. regional control owners):

• Work with Cybersecurity capability leads/ Product Owners/ project teams and Service Owners to assist with the development of the Operational Readiness plan (i.e. BAU embedment) for the GB/GF/Reg within the change releases.

• Ensure clear traceability of delivery to outcomes, risks and control improvements. Engage with CBE teams (RISO’s, BISO’s, Delivery and Consulting leads), CRCS Pods owners along with the Cybersecurity capability leads/ Product Owners/Value Stream Lead/ Project teams; to deliver clear business benefits around project scope, progress, control uplift maturity, regulatory outcomes and overall benefits in business friendly language.

• Ensure escalation for CBE and project teams and support with unblocking change delivery/ adoption issues for their respective assigned areas of CBE business and regions. Also provide specialist advise/ business context to the as it pertains to the GB/GF/ Reg.

• Support the proactive management of risks for delivery, operational and implementation rollout for business/regions within the Cybersecurity Sub-Value Stream (SVS) and Platforms, through coordination and collaboration with capability leads/ Product Owners/ project teams and Portfolio Mgmt. team and CBE teams (RISO’s, BISO’s, Delivery and Consulting leads)

• Assist the delivery teams and Cybersecurity capability leads/ Product Owners/ project teams in ensuring that the production of work is accounted and planned for as part of portfolio delivery.

Our requirements