Job Description
The Head of Business Cyber Security is accountable for Aviation Cyber Risk Management and security. The role is a LOD2 Cyber authority to ensure the Aviation group is operating in a secure manner, protected against Cyber threats, attacks and the Aviation Leadership able to manage Business Cyber Risks.
Ensures Business leadership understands, owns Cyber risks, business Cyber posture, and agrees to the residual cyber risks or act on to remediate Cyber Security gaps, findings in a timely manner according to the risk profile of the group. The role is trusted partner to the Business, helping Business leadership gain understanding of Cyber Risks, threats while making secure business and technological decisions.
Ensures alignment and successful implementation of Group Cyber Security strategy, Cyber security strategic programs including driving and promoting Cyber Security awareness of business staff towards desired Cyber behaviours & resilience.
The role ensures structured, dynamic engagement with Business Leadership on assessment of the business cyber security posture, residual Cyber Security risks , status of the mitigation status , cyber resilience of the staff and providing views on dynamically changing threat landscape , increased sophistication of cyber-attacks that happened in the industry.
Stakeholder Collaboration and Management
Oversee the alignment between the Group Cyber Security and Business unit towards the Management of the Cyber threats and Risks that leads to Business leadership to manage Cyber Risk and protect the business against Cyber-attacks.
Build, grow and sustain relationships with the Business Leadership team, key Business LOD1 functions to protect the Business against Cyber Threats.
Active participation with the Group Cyber Security Leadership to ensure Business input incorporated into the Cyber Security Strategy, Strategic program and the services to protect the Business unit against cyber threats and risks.
Establish and develop trust with Business Leadership to be the default partner on Cyber Security matters for Business leaders making business and growth decisions while considering Cyber Security challenges and risks and embedding security in digital transformation projects and operations.
Represent Cyber Security towards the business leadership and industry or country authorities on critical cyber security incidents.
Digital Delivery Excellence
Ensure successful and timely deployment of Group Cyber Security Strategy, Framework, Policies, Guidelines and Operational Services to Business unit.
Operationalise Cyber Security Risk Management capabilities such as Business Impact Assessment of Business unit’s digital portfolio of services and applications to identify Crown jewels to be protected in-line with Risk appetite.
Ensure relevant cyber security controls are deployed for both application and services with secure by design principle.
Driving Cyber Risk acceptance, risk mitigation and finding management processes consistently to ensure Cyber Risks are managed and residual risks understood by the leadership.
Acts as the primary cybersecurity lead for a specific business, defining and aligning enterprise cybersecurity strategy with business objectives and roadmap.
Drive implementation and integration/adoption of security capabilities within the business and ensure business alignment and visibility of cyber cost allocation.
Cyber Security Advice & Support
Champion Cyber Security awareness, behaviours among the business staff and vendors to increase the Cyber Resilience by actively leading the transformational change management activities within the Business unit.
Understanding of external regulations within the industry and the market to collaborate and understand the rapidly changing Cyber Threat landscape as well driving compliance to the increased Cyber regulations in the industry and to the business.
Understanding of Cyber Security fundamentals and industry standards to actively contribute and influence the Group Cyber Security decisions and services for the protection of the Aviation Group Companies.