Apply: Technology and Cyber Risk Manager (flexible location) Reference: JO-2402-6766WSP is one of the world's leading engineering and professional services firms. Our 67,000 trusted professionals are united by the common purpose — to create positive, long-lasting impacts on the communities we serve through a culture of innovation, integrity, and inclusion.With over 150 years of experience in Aotearoa New Zealand. We are proud to have the blueprint of Aotearoa New Zealand, in our DNA and be involved in the projects that will continue to connect and support us for future generations. We value our people, our reputation, and our impact on the future.Technology and Cyber Risk Manager (flexible location)WSP's Information Security Office (ISO) is responsible for the deployment and maintenance of the information security framework for both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our clients.To run our global Technology &Cyber Risk Management process, we are seeking a talented and experienced Senior Manager for Technology and Cyber Risk. This role will report to the Global Director of IT Risk.As a Senior Manager for Technology and Cyber Risk, your primary role will be to manage the full IT Risk Process from identification, assessment, mitigation and monitoring. This role is a key player in fostering relationships and coordinating efforts to manage technology-related risks. It calls for a strong analytical ability, and the capacity to work effectively in a diverse, global environment.Key responsibilities include:Implement and maintain a comprehensive and effective IT risk management practice across the WSP global IT organisation. This should include identification of potential IT risks, the evaluation of their impact, the formulation of strategies to mitigate these risks, and the tracking of their mitigation and/or acceptance. Conduct regular monitoring and review of the IT risk management process to ensure its effectiveness and alignment to the organization's risk appetite and business objectives.Establish reporting and communication methods that ensure that relevant stakeholders within IT and business leadership have an accurate and timely view of IT risks. Analyse and process data related to risk, issues, and deficiencies to identify patterns and trends.Work with WSPs Executive Risk Management (ERM) team on the evaluation and reporting of relevant IT Risks as part of the ERM process.Lead and manage a team of risk analysts, fostering a collaborative environment that encourages open communication, mutual respect, and shared responsibility in managing cyber and technology risks.Deliver risk management training within the IT community and establish a culture of risk-aware decision-making, accountability, and a commitment to maintaining an effective control environment.Own and manage the evolution of the Integrated Risk Management Platform (Service-Now IRM). This includes entities, risk statements and controls management.Be a subject matter expert in relation to IT risk and risk mitigation. Empower IT stakeholders to assume responsibility for the IT risks in their respective areas and encourage them to report any potential IT risks.The successful candidate will work directly with all levels of IT Leadership and business stakeholders to ensure issues and risks are well understood so that effective decisions can be made.Leadership and People Responsibilities:Displays leadership and independence in performing their role.High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.Develop positive working relationships with other team members and business partners and partners across teams to align with WSP internal and external client demands.Capable of rapidly assimilating and internalizing complex business, technology, and risk management concepts and dependencies.Able to exercise judgement when policies are not well-defined.Critical thinker with strong problem-solving and organization skill.Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate between specialized groups of business unit and IT professionals.Ability to work with people from different backgrounds and cultures across the region and the world.Accommodation of schedule for international conference calls.About you:8+ years related senior level experience in Information Security, IT Audit with at least 2 years in Risk Management.Bachelor's degree in information technology, Computer Science, Engineering, or related field.Experience working in large/global enterprise IT.Working (not necessarily technical) knowledge of enterprise IT security concerns and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, Firewall, LAN/WAN, and TCP/IPKnowledge of technology best practices (applications, network, etc)Experience with IT Governance frameworks such as NIST and ISO 2700xExperience with governance, compliance and audit within IT environmentsExperience of risk management, including risk analysis, mitigation and monitoringKnowledge of information security regulationsExcellent interpersonal and communication skills, able to interact with different layers of management.Ability to work with minimal supervision and little to no instructions.Strong organizational and project management skills.Excellent analytical and diagnostic problem-solving skillsDemonstrated experience in understanding and demonstrating compliance with information security requirements.Limited travelling may be required.PreferredKnowledge of Service-Now Integrated Risk Management platform (IRM)Professional certification in one or more of the following disciplines — IT governance (e.g., CGEIT), security (e.g., CISSP, CISM), internal audit (CISA) or Payment Card Industry (PCI)Due to the nature of this role, you may need to work outside of standard business hours. Please note that we can only consider applicants with the right to work in New Zealand and will not provide relocation support.Why us?WSP NZ has proudly earned its place among the top five employers to work for in Aotearoa New Zealand, as recognised in Randstad's latest employer survey. In addition, WSP has been listed as one of TIME's 2023 top 100 companies globally for employees. Our dedicated team is passionate about creating innovative, comprehensive, and sustainable solutions for a future that prioritises the well-being of our people, whanau, and communities. We contribute to complex and exciting projects addressing critical environmental and infrastructure challenges and have a solid pipeline of work across multiple disciplines.At WSP, we prioritise a diverse, inclusive, and supportive environment that empowers our people and allows them to be in control of their time. We believe that this is essential for us to achieve our common goals and that great results can be achieved through collaboration and by allowing everyone to bring their authentic selves to work. By fostering this environment, we inspire our team to strive for excellence and reach their full potential.Our benefit package is highly competitive and includes the following:Flexible and hybrid working arrangementsComprehensive medical insuranceUnspecified sick leavePersonal development and well-being grantProgressive parental leave policyOption to purchase up to 4 additional weeks of annual leaveReimbursement of up to 2 annual professional membershipsCommunity dayEmployee Assistance ProgrammeMultiple discounted products and services, and more.We will review applications as they come in, so if this opportunity sounds like you, don't wait to apply!First name *Last name *Enter your email address *Preferred Name *80Phone *8080Preferred Method of Contact *Street *80City *80Region *80Country *80Postal Code *10Qualification and Institution (eg. BEng University of Auckland) *100100Are you currently legally entitled to work in New Zealand? *Have you been convicted of a criminal offence or do you have any charges pending (in New Zealand or overseas) not including any concealed under the Criminal Records (Clean Slate) Act 2004? *If you answered yes to the previous question, please provide detail here.1000Do you have a full, clean and current New Zealand Driver License? *If you answered no to the previous question, please provide detail here1000Do you currently have, or have you ever had a medical or physical condition or an injury, which may be aggravated or contributed to by certain job tasks or affect your ability to perform the functions and responsibilities of the position applied for? *If you answered yes to the previous question, please provide detail here.1000What are your remuneration expectations? *What is your notice period? *100How did you hear about this vacancy at WSP? *Do you consent to the Company retaining the information in this application form for the purpose of considering your suitability for any other position which may arise with WSP in the future? *By submitting your application, you agree to the terms of the WSP Privacy Policy. Click here to view our privacy policy.#J-18808-Ljbffr
