Requisition ID 35051 Office Country United Kingdom Office City London Division Information Technology Contract Type Regular Contract Length Posting End Date 14/10/2024
Purpose of Job
The Associate Director – IT will be responsible for leading and overseeing all aspects of information security strategy, implementation, and governance across our organization's worldwide operations. The role is responsible for the effective and efficient functioning of their security and Identity and Access management areas, ensuring adherence to the principles of autonomy, self-management, a product led mind set, iterative delivery, adequate resourcing, and high technical standards and always operating within the practices and procedures of the department. This individual will have outstanding hands-on technology leadership and communication skills, a desire to help others learn and develop a calm and pragmatic manner, excellent vendor management skills, plus a superior, risk-oriented approach to processes and operations.
The role is also responsible for both implementation and operational processes to ensure quality, efficiency and agility goals are achieved. This role is a key member of the Technology leadership team and will be highly visible within the organisation.
Accountabilities & Responsibilities
Responsibility
Description
Technology Function
This role is expected to be highly specialised in following Technology areas at
Security Operations centre Identity AM Security Configuration Security Awareness & Training Account management Vulnerability management Data recovery Application Security Security Policy Application and Infrastructure Project SecurityCyber Security
Develop and execute a comprehensive global information security strategy aligned with business objectives and regulatory requirements. Lead the information security governance framework, ensuring effective risk management, compliance, and assurance processes are in place. Provide strategic direction and leadership to the global information security team, fostering a culture of collaboration, innovation, and continuous improvement. Establish and maintain strong relationships with key stakeholders, including executive leadership, board members, regulators, and industry partners. Drive the development and implementation of robust security policies, standards, and procedures to safeguard the organization's assets and data. Oversee the management of security operations, including incident response, threat intelligence, vulnerability management, and security awareness programs. Monitor emerging threats and industry trends to proactively identify and mitigate potential risks to the organization's information assets. Collaborate with cross-functional teams to integrate security best practices into business processes, projects, and technologies. Provide regular reporting and updates to executive management and the board on the organization's security posture, risk profile, and compliance status. Stay current with evolving regulatory requirements, industry standards, and best practices in information security management.CLG Relationship
Develop and improve relationships with CLG (Corporate Leadership Group) members, identifying priorities, issues and strategic challenges and preparing them for discussion. Work is focused on a technology function that has scale and global reach, or a Hub. Acts as a trusted advisor and builds and maintains relationships with other IT leaders and CLG level executives to develop a clear understanding of business needs and relevant capability development and leads teams to be able to respond with agility to changing business priorities.
Budgeting & Cost Management
Take overall responsibility for setting and approving budgets that achieve organizational strategy within a technology function or a Hub in accordance to the delegated powers of authority when applicable. Develops and steers the annual operating and capital & Operating expenditure budget for the respective Capabilities to ensure it is consistent with overall strategic objectives of IT and in line with MD ITs set targets and directions and is properly resourced within plan while appropriately being on budget.
Business Roadmap Planning
Lead the development of annual and longer-term business plans for a Technology function or a Hub ensuring alignment with strategy; quantify business outcomes (i.e. Objective and key results or other key performance indicators) and resource budgets (financial and headcount); and ensure integration of key activities or projects across the organization.
Corporate Representation
Represent the organization in external relations with Board, the vendors on behalf of a Technology function or a local Hub on behalf of MD IT
Technology Strategy and Corporate Alignment
Together with Technology Leadership Team, co-Lead in the development of technology strategy, providing functional leadership and challenge to test the viability of the strategy and contributing creative ideas and insights to support the strategy formation process. Leads the development of the assigned part of the IT blueprint reporting to the MD IT and ensures its integration with the overall IT and enterprise strategic plans. Ensures that their Capability areas align to the organizations and department’s vision and strategy. Uses communication, measurement, evidence, and feedback to ensure that the IT organization fosters a business-oriented culture and mindset driven by a desire to learn and improve across Head Office and the ROs.
Transformation
Facilitate the creation of the digital strategy in the assigned portfolio, working with both internal and external stakeholders to build and communicate the strategic importance of digital and transformation and support to drive organizational transformation in the technology functions scope
Technology Oversight
Leverages influencing and negotiation skills across IT and the enterprise to enable cost-effective and innovative shared technology solutions in achievement of business goals aligned to the Target Architecture while minimizing deviations. Maintains currency on new technologies and platforms and provides advice and direction on what emerging technologies should be assimilated, integrated, and introduced within their Capabilities. Provides strategic direction and oversight for the design, development, operation, and support of IT systems that fulfil the needs of the business, including the full life cycle of technical architecture, infrastructure engineering, infrastructure operations and IT service support.
Execution Excellence
Lead execution of transformation roadmap, establishing and managing programs, and projects, resource allocation, KPIs, and governance activities effectively, efficiently and in line with portfolio roadmap. Works with the IT senior leadership team, Chief Architect, CIO Office, Transformation Office and Product Owners to prioritize allocation of resources to different priorities within the owned portfolio and if needed to the overall portfolio.
Leading Change
Take responsibility for developing and delivering change management plans within the allocated technology portfolio and achieving outcomes that support the organization's overall strategy.
Enterprise Infrastructure
Modernization
Contribute significantly to strategic direction for enterprise architecture, championing an enterprise architecture that is scalable, adaptable, and synchronized with ever-changing business needs and the complexity of digital transformation. Drive alignment and governance across the various domains to align to the target architecture and enable oversight of solution architecture with direct accountability of solution level designs within the scope of the function.
Infrastructure and Network
Development and
Maintenance
Set the global strategic direction for infrastructure and network resources, ensuring it meets long-term business needs and implementation in line with the Target Architecture under the scope of the Technology Function when the allocated portfolio has ownership of these technologies.
Stakeholder Relationship
Management
Lead the development of partnering relationships with stakeholders throughout the global organization, building high levels of professional credibility and mutual trust, and ensuring that internal clients have access to high-quality advice and guidance to support in delivering business strategy and plans for partners in scope of the portfolio.
Leadership and Direction
Communicate the organization's mission, vision and values, and its strategy and broad action plan for delivering these within a Technology function; inspire a diverse global workforce to commit to these and executing appropriate actions to achieve the organization's business goals.
Operational Compliance
Lead the implementation of the organization's policies and procedures within a Technology function to minimize business risk and protect the organization's reputation. Create a business culture that places value on the principles that underlie the creation of voluntary codes of practice, and on adherence to these to mitigate the Technology and Cyber risk.
Workforce Strategy and Execution
Execute the defined Technology blueprint within the scope of influence in line with the detailed design of the organization, to enable the achievement of the organization's mission and business objectives. Directs the execution of sourcing strategy and provides executive oversight for relevant strategic vendor and partner relationship management in addition to the internal roles.
Performance Management
Lead the development of policies, procedures, and related guidelines within the allocated portfolio, ensuring coherence across national boundaries and integration with the broader international corporate policy framework.
IT Implementation and
integration
Leads the implementation, configuration and optimization of IT systems and services, while ensuring smooth integration with IT/cloud infrastructure.
Coaching and Talent
Development
Motivating all employees within the allocated portfolio to learn, grow and develop so that they can obtain the knowledge and experience they need to help the organization reach its goals. Provides leadership, coaching and direction to the Capability teams and IT staff, maintaining high levels of engagement and morale amongst their teams reflected through engagement scores in line with targets. Forecasts future skill needs to acquire and develop a workforce / vendor mix with the appropriate level of business knowledge, technical skills and competencies that balance between growing the agility required to achieve digital business objectives and ensuring the core IT functions are reliable, stable and efficient.
Culture Development
Making sure the workforce within the allocated portfolio develops and maintains the culture, values and design it needs to reach its objectives while managing structural change.
Knowledge, Skills, Experience & Qualifications
Education
• Bachelor's degree in Computer Science, Information Security, or related field; advanced degree preferred.
Experience
Minimum of 10 years of experience in information security management, with at least 3 years in a senior leadership role reporting to CIO level. Proven track record of designing and implementing global information security programs in complex, regulated environments, preferably within the financial services industry. Strong understanding of cybersecurity risk management principles, frameworks (e.g., NIST, ISO 27001), and regulatory requirements (e.g., GDPR, PCI DSS, SOX). Excellent leadership and communication skills, with the ability to effectively engage and influence stakeholders at all levels of the organization. Experience developing and managing IT Risk Frameworks Demonstrated experience in building and leading high-performing teams, including recruiting, mentoring, and developing talent. Strategic thinker with the ability to translate business needs and regulatory requirements into actionable security initiatives. Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or equivalent certifications preferred. Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple projects in a fast-paced environment. Experience working at a senior level with multiple stakeholders across the organization both at a governance Expertise in IT Risk Frameworks. Demonstrable knowledge and experience leading development of major cloud-based platforms, legacy systems, agile implementation, microservices approach and CI / CD practices. Comprehensive knowledge of hardware, software, application, infrastructure, and systems engineering Banking domain experience preferred.
What is it like to work at the EBRD?
Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people's lives and help shape the future of the regions we invest in.
The EBRD environment provides you with:
Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in; A working culture that embraces inclusion and celebrates diversity; An environment that places sustainability, equality and digital transformation at the heart of what we do.
Diversity is one of the Bank’s core values which are at the heart of everything it does. A diverse workforce with the right knowledge and skills enables connection with our clients, brings pioneering ideas, energy and innovation. The EBRD staff is characterised by its rich diversity of nationalities, cultures and opinions and we aim to sustain and build on this strength. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, sexual orientation or disabilities. As an inclusive employer, we promote flexible working and expecting our employee to attend the office 50% of their working time.
Please note, that due to the high volume of applications received, we regret to inform you that we are unable to provide detailed feedback to candidates who have not been shortlisted (for further consideration).