We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. As part of a business wide transformation, we have an exciting opening for a new role of Global Head of Cyber Defense Assurance and Client Audit.
As part of the Cyber Defence and Security Operations department, you will manage the Assurance and Audit function, ensuring WTW continue to meet our regulatory, internal and Client Audit requirements.
You will need to have excellent communicative skills to technical and non-technical audiences, and a solid audit acumen to deal with multiple types of stakeholders across the business.
This role would suit those with an extensive history delivering or supporting formal audits, from ISO27001, GDPR and HIPPA for global organisations are used to working in a high-pressure environment with geographically dispersed teams across different time-zones.
Key Responsibilities:
• Manage a geographically dispersed team supporting ICS audit requirements across the globe.
• Lead the collation of evidence to support Client Audits of WTW, ensuring the audit team have the right information and are fully supported throughout the process.
• Collaborate closely with the various Global Heads within Cyber Defense to ensure processes and policies are in place within the different teams to meet internal audit requirements.
• Track Management Action Plans for Cyber Defense, ensuring responses are provided within specific time limits and stated outcomes are met.
• Coordinate responses for requests for Information relating to Cyber Defence.
• Develop and deliver key status reports of audit readiness for technical and non-technical stakeholders.
• Assist with quality assurance reviews for cyber incidents ensuring action trackers are maintained
• Act as Incident Logist in the event of a significant cyber incident
• Maintain a membership list and call out details of the Cyber Security Incident Group
• Manage various resource schedules from the Secure Operations Centre and other on-call teams ensuring a minimum staffing count in in place on a 24/7 basis at L1, L2 and L3 levels
• Collaborate closely with the SOC and relevant stakeholders to ensure that Case Management systems capture information in alignment with frameworks, regulatory bodies and best practice.
• Conduct Quality Assurance reviews across Cyber Defence to ensure regulatory requirements are being met, particularly within the SOC
• Support audit checks for jointers, movers and leavers, ensuring thorough documentation and account closure.
The Requirements
• Experience in cyber security auditing from a client and regulator perspective
• Understanding of the function of a Security Operations Center and Cyber Defense / Offence Teams
• Familiarity with Information Security standards, regulations, and frameworks (NIST, ISO27001).
• Strong communication skills, able to engage technical and non-technical audiences.
• Able to conduct data analysis, trend identification, and root cause analysis.
• Effective organisational skills, detail-oriented, with a track record in Quality Assurance.
• Experience in undergoing audits, inspections, and evidence collection.
• Team player with excellent communication and coordination skills.
• Innovative problem-solver, people-focused, with a professional demeanour.
• Ability to cultivate a positive, security-aware culture within a fast-paced environment.
Equal Opportunities Employer