Expert - Cyber Risk and Control Frameworks

Expert - Cyber Risk and Control Frameworks

This role has been designed as 'Hybrid' with an expectation that you will work on average 2 days per week from an HPE office.

Who We Are:

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work.

We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world.

Our culture thrives on finding new and better ways to accelerate what's next.

We know varied backgrounds are valued and succeed here.

We have the flexibility to manage our work and personal needs.

We make bold moves, together, and are a force for good.

If you are looking to stretch and grow your career our culture will embrace you.

Open up opportunities with HPE.

Job Description:

We are seeking a Cybersecurity Risk and Controls Framework Expert to analyse the regulatory compliance, business and operational risk requirements related to cybersecurity and develop a framework against which control requirements can be defined and applied.

This will include analyzing the inventory of cyber policies and standards and validating them against the risk and controls framework as well as against the threat landscape.

This role will also be responsible for driving enterprise risk reporting and creating the right awareness and visibility for executive decision making.

What You'll Do


* Support Governance, Risk and Compliance (GRC) leadership in delivering various risk overview summaries, including monitoring regulatory changes that impact cybersecurity


* Contribute to the development of the Cyber risk governance framework by leveraging existing frameworks and approaches


* Facilitating a gap analysis of the current processes against the Risk management framework


* Provide subject matter expertise on the control framework, policies, standards and guidelines to ensure their effective development.


* Analyse the current suite of controls against the control framework to ensure our policies and standards delivers a balanced risk / reward profile in alignment with business strategies and priorities


* Ensure that changes to risk governance frameworks and control guidance are effectively communicated to allow for adequate implementation and compliance.


* Work with regional representatives to coordinate the scanning for regulatory changes related to cybersecurity.


* Provide expert opinion on HPE's risk and effectiveness of our policies and standards using analytics, review of cyber issues, control effectiveness reviews, Key Risk Indicators and assessments as required.


* Support the handling of questions pertaining to cyber policies and standards from regulators, partners and customers.


* Deliver presentations and updates to key business and technology stakeholders.


* Provide timely insight to business and techno...