Director of Security Assurance and Remediation (London)

Save job

My client, an international Financial Services company specialising in Foreign Exchange Settlements, is looking for a Director of Security Assurance and Remediation. This role is based in London and requires you to be in the office twice a week.

About the Director of Security Assurance and Remediation role:

The role involves leading and enforcing security assurance, remediation, and monitoring across the organization. The focus is on ensuring compliance with security standards and controls, developing, maintaining, and monitoring a consolidated remediation roadmap to reduce security risks to acceptable levels. The individual will oversee security risk reduction reporting, uphold strong security risk practices, and promote a positive risk culture organization-wide. Collaboration with technical, operational, compliance, and audit teams is essential to create a secure and compliant technology environment.

1. Develop and maintain security remediation oversight, conducting reviews across all environments, services, and assets to ensure compliance with industry standards (e.g., CIS, NIST, ISO 27001, SOC 1/2) and internal policies.
2. Lead security governance to manage adherence to security policies, rectify exceptions, and align security risks.
3. Oversee remediation review lifecycle, testing evidence, and producing reports on risk trends.
4. Collaborate on vulnerability and patch management monitoring, ensuring timely remediation to mitigate risks.
5. Train and guide teams on security gaps, remediation strategies, and ongoing monitoring.
6. Manage repositories of evidence and security artifacts supporting audits and regulatory requirements.
7. Stay updated on security technologies, policies, and regulations, recommending improvements.
8. Review and optimize security policies, standards, and controls in line with regulations and company strategy.
9. Integrate processes with Cyber Threat Intelligence for threat monitoring and response.
10. Align security risk management with organizational risk frameworks and ensure consistent practices across security functions.

Leadership

• Lead by example, demonstrating technical and professional skills.
• Communicate effectively with stakeholders.
• Innovate by automating processes and adopting new capabilities.
• Provide clear direction during cyber incident responses.
• Identify risks and articulate capability gaps.
• Manage ambiguity and operate decisively.
• Build partnerships and collaborate effectively.
• Influence within a matrix organization.
• Focus on customer-centric solutions.
• Commit to ongoing professional development.

Knowledge, Skills, and Abilities

• Bachelor’s degree in a relevant field; Master’s preferred.
• Certifications such as CRISC, CISM, CISA, or similar.
• Experience with AI, post-quantum computing, and cyber risk quantification advantageous.
• Extensive cybersecurity experience, especially in security policy, standards, controls, governance, and compliance.
• Deep understanding of security controls, their effectiveness, and alignment with policies and best practices.
• Ability to consult on security remediation and evidence provision.
• Proficiency in security data analysis and reporting.
• Excellent communication skills for technical and non-technical audiences.
• Knowledge of security risk management principles and taxonomy.
• Experience with GRC tools, preferably RSA Archer.
• Familiarity with security frameworks like NIST CSF, ISO 27001, SOC1/2.
• Understanding of security assurance practices, audits, and lifecycle management.
• Ability to lead teams through change and adapt to evolving threats.
• High integrity and ethical standards.
• Knowledge of cloud security and hybrid environments.
• Experience with vulnerability and incident management.
• Financial industry experience preferred.

If interested, please apply or contact me at 0207 509 8040 or via email at darius.goodarzi@robertwalters.com. Robert Walters Operations Limited is an employment business and agency, welcoming applications from all candidates.