Head of Security Consultancy and Advisory- FTC

Willis Towers Watson ,
Reigate, Surrey
Job Type: Full-time

Overview

Summary of Role As Head of Security consultancy and advisory for Information and Cyber Security you will be working across Willis Towers Watson (WTW) providing a range of information security assurance activities : Running the security consultancy capabilities to consistently monitor, report and consult on assurance by: Managing overall lifecycle of all consultancy and its component parts Ensuring processes enable the team to track against WTW standards Maintaining overall processes Running regular sessions with team to quality review progress against in scope key capabilities Embed and monitor comprehensive view of security control gaps, associated risks and potential exposures Running deep dive sessions with the business in support of security areas that could risk client loss of business Managing escalations of security related activities for acceptance and/or decisions Owning and running business segment sessions to ensure alignment to business goals and objectives Creating consistent and accurate data reporting to identify trends and emerging risks across segments and corporate functions Providing appropriate reporting against WTW operational and security KPIs and propose actions where gaps identified Developing strong relationships with key influencers across business, technology and key clients Creating partnerships with outsource functions, ensuring appropriate engagement where impact to clients security service Recommending updates to the information assurance standards and controls with the target of being first in class security Working in partnership with function counterparts, sharing appropriate information across assurance supporting key outcomes for internal customers, clients and connected third parties Developing strong relationship with other ICS counterparts that are key influencers in providing assurance that new applications or infrastructure are appropriately secure Supporting the identification and development of change activities and programs to be planned to close security gaps Managing any regulatory, audit and other mandatory requirements supporting the success of winning and retaining client business This role resides in our Information & Cyber Security team within Corporate IT, reporting to the Assurance Director, Information Security. We are open to candidates located in the United Kingdom. The normal working base location will be Philadelphia with occasional visits to London. This role is a 12 month fixed term contract. The Role You will be responsible at a day to day level for: Supporting information security infrastructure improvements Performing due diligence on important and strategic client work with segments Supporting due diligence on escalations of third parties that impact clients Providing client contract advice Undertaking audits and performance evaluations of clients Supporting client queries related to information security Providing support to WTW business segments during tenders for new business where good information security is seen by the client as critical Evolving the services to reflect the rapidly changing technologies and customer delivery channels being deployed and to meet the evolving demands of the diverse business areas being serviced Providing risk based assurance advice on all information security issues to the business, project and new product teams throughout WTW Managing a team of security specialists who: Assess global projects ensuring no additional security risk introduced to WTW, with leading on key strategic, high profile and/or NDA programs Assess user access assurance, privileged access assurance, generic shared and system account assurance, ensuring access to systems and application data continues to be appropriate Provide security related Service Now ticket consultation Assess firewall change control spot checks Assess scanning network spot checks Assess penetration test for assurance Are segment aligned security consultants who provide segment level consultation and advisory Leading an offshore team who: Monitor and manage intakes, workflow and capacity Carry out the initial triage to determine the level of security input required Enable a connected workforce when allocating work to assurance security consultants Support and input to operational and volume reporting Working in partnership with : Security Third Party Assurance Security Client Assurance