Job offer
Chief Information Security Officer
Man Group is seeking a Chief Information Security Officer (CISO) who will assume full responsibility for information security and identity and access management and lead the company’s security strategy. The CISO will be responsible for developing and implementing security standards, monitoring risks, and overseeing identity and access management programs.
Tasks
The position of Chief Information Security Officer (CISO) entails full responsibility for information security and identity and access management at Man Group. This is a company-wide leadership role, as it involves driving cultural change. The responsibilities include:
- Oversight of the Identity and Access Management (IAM) Program, IAM BAU, and Information Security
- Responsibility for the information security strategy and for aligning security investments with the company's risk profile
- Managing security capabilities and governance across the entire organization through training, engagement, and communication
- Establishing and enforcing safety standards in technology, operations, and business units
- Working with teams to understand existing processes and integrate secure access into existing systems
- Supporting the adoption of artificial intelligence and new technologies by establishing practical security guidelines
Risk responsibility
Risk responsibility includes:
- Responsibility for Information Security and IAM Risks and Controls Self-Assessment (RSCA)
- Identification, Assessment, and Mitigation of Risks
Identity and Access Management
Responsibilities in the area of Identity & Access Management include:
- Responsibility for the IAM strategy and the transformation roadmap
- Development and Implementation of Information Security and Identity & Access Management Controls
- Trends in Annual Audit Results Related to Identity and Access Management
Governance & Reporting
Responsibilities in the Governance & Reporting area include:
- Chair of the Information Security Steering Committee
- Providing information security metrics, risks, and program updates to the supervisory board and the Risk and Finance Committee
- Overseeing the three-tier risk management process in coordination with the dedicated TIRM team
- Support for DDC Access and Audit
Requirements
The requirements for the CISO are:
- A "builder" mindset that makes it possible to balance competing priorities
- A strong understanding of technical security implementations, trade-offs, APIs, and architectural patterns, as well as a practical understanding of business requirements and how they align with technical solutions
- Proven experience in a senior information security role, ready to take on a full-scope CISO role
- Proven ability to drive change through a direct reporting line and to influence technology, operations, and business teams to lead security initiatives
- A strong communicator who is equally at ease giving presentations to supervisory boards and working in a technical design environment
Further requirements
Additional requirements are:
- CESIP Certification
- Experience with identity governance platforms and large-scale IAM transformation programs
- Familiarity with information security frameworks and standards (NIST Cybersecurity Framework, SANS, and CISSP)
- Experience with threat intelligence environments (Active Directory, Entra ID, SCOM platforms)
- Experience in implementing security frameworks for the adoption of new technologies
- Background in a regulated industry with experience managing compliance and security requirements, such as Azure or AWS and/or card programs
Job details