Head Of IT Legal & Regulatory Compliance
Job Title: Head Of IT Legal & Regulatory Compliance
Location: South East England, England
Contact Name: Sarose Burnley
Job Published: May 31, 2018 18:22
This role sits within the IT and digital security and risk part of the Global energy trading organisation.
All Candidates MUST HAVE PCI DSS and Sarbanes Oxley (SOX) exposure with a Global sized organisation. Profiles without this will not be considered. If you do have this experience then please read on:
This is a new role due to the increasing volume of legal and regulatory requirements within cyber security and the wider IT environment.
Key accountabilities
Management of IT&S compliance team.
Set legal & regulatory compliance strategy, processes and tooling working closely with the Head of IT Governance &
Influence Group wide cyber security policies, standards & best practices in line with compliance requirements.
Drive SOX and PCI DSS compliance activity including planning, scoping, management assessment and liaison with
Define and lead execution of activity required to allow BP to work towards compliance with new cyber security and privacy
Lead and manage all IT external audit activity across the
Lead Ethics & Compliance for IT&S in line with Group
Produce high quality compliance deliverables for consumption by various Group-wide senior stakeholders. This includes IT&S Due Diligence reporting.
Represent IT legal and regulatory matters at IT&S Governance forums as required.
Manage senior stakeholders in IT&S and other Group Functions such as Group Control, Group Legal and Data
Maintain IT compliance status and identify actions and owners required to address gaps.
Monitor market trends and liaise with third parties including industry peers, vendors, governments and consulting firms to foster collaboration and leverage latest thinking.
Essential education
Current security qualification (CISSP, CISM or equivalent e.g. Full membership of the IISP)
Degree level qualification.
Essential experience and
Experience of implementation and operation of legal and regulatory compliance services in a large, multinational
Experience of managing security, compliance or audit teams.
Security and IT compliance experience covering IT processes, cyber security, internal controls over financial reporting and PCI
Experience of managing external audit relationships.
Excellent written communication of technology, cyber security and business issues up to Board level in major corporations with clarity, focus and high impact.
Experience of stakeholder management with government
Ability to deal with and influence multi-cultural groups of stakeholders and to work group wide across functions and segments across reporting lines.
Track record of building networks with other teams to enhance
Directly and indirectly manage teams of permanent and
Excellent attention to detail
Desirable criteria &
RSA Archer and/or SAP GRC experience
Internal or External Audit experience
Rate: £900 - £1100 per day
Duration: 6 months
Start Date: Immediate