Senior Manager, Controls & Standards Governance

  • Anywhere

Responsible for Control library, Cybersecurity controls assessments and Standards Governance.

Key Responsibilities

  • Lead the oversight of the Cybersecurity controls environment
  • Lead the development and governance of the Cybersecurity standards
  • Roll out the GRC Cybersecurity controls framework while balancing the approach with end user experience and compliance with NIST FSSCC.
  • Working with Control Owners, in partnership with other Cybersecurity and Technology stakeholders, evaluate and perform an end-to-end analysis of standards and the controls library, identify significant gaps and weaknesses, and determine the root cause of control deficiencies.
  • Develop creative and innovative solutions to manage risk, ensuring that controls and metrics are properly designed, operating effectively, and essential to a proactive risk and control culture that leverages proven evaluation strategies and sound change management protocols.
  • Engage collaboratively with Control Owners, regardless of geographic location, providing support across Cybersecurity.
  • Update controls and their associated standards and metrics, and be a proactive adviser across the three lines of defence, identifying Cybersecurity risk issues and recommending solutions.
  • Monitor the health of the controls library with respect to technical and operational processes.
  • Be a part of a team providing independent review of design and control effectiveness.

Leadership responsibilities

  • Ongoing and periodic risk and control assessment cycles and reporting
  • A fit-for-purpose Cybersecurity Controls Library using key risk metrics, indicators and industry standards.


  • This will be a high-profile role responsible for supporting audit and assurance engagements.


  • Understanding and working knowledge of control frameworks based on industry best practices such as NIST, COBIT, and ISO27001.
  • Cyber security qualification e.g. CISSP / CISM (desirable)
  • Degree in Cyber, Information Security or IT management
  • Demonstrable working knowledge and understanding of key cyber security controls such as Vulnerability Management, Identity & Access Management, Authentication and Authorisation systems, Data Protection, Application Security, Secure Application Development practices, Third-Party and Cloud security.
  • IT and cybersecurity policies and standards
  • Operational risk frameworks
  • Regulatory compliance
  • Technology resiliency

Leadership and management experience

  • Experienced leader with 10+ years’ experience in a regulated environment with risks, controls and metrics within Technology environments.

To apply for this job please visit
