Director of Cyber, Risk & Compliance - Corporate
London
WPP
WPP is the creative transformation company. We use the power of creativity to build better futures for our people, clients and communities.WPP is the creative transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities.
Working at WPP means being part of a global network of more than 115,000 accomplished people in 110 countries. WPP has headquarters in New York, London and Singapore and a corporate presence in major markets worldwide.
We create transformative ideas and outcomes for our clients through an integrated offer of communications, experience, commerce, and technology.
WPP and our award-winning agencies work with most of the world's biggest companies and organisations – from Ford, Unilever and P&G to Google, HSBC, and the UN. Our clients include 61 of the FTSE 100, 307 of the Fortune Global 500, all 30 of the Dow Jones 30 and 62 of the NASDAQ 100. WPP are the leader in the Bloomberg Gender Equality Index and 20th in the FTSE 100 rankings for Women on Boards.
*For internal WPP employees, we welcome applications from all regions*
Why we're hiring:
WPP is at the forefront of the marketing and advertising industry's largest transformation. Our Global CIO is leading a significant evolution of our Enterprise Technology capabilities, bringing together over 2,500 technology professionals into an integrated global team. This team will play a crucial role in enabling the ongoing transformation of our agencies and functions.
As Director of Cyber, Risk & Compliance for our Corporate cluster, you will play a critical role in safeguarding WPP's digital assets and reputation. You will be responsible for adapting and implementing our global cybersecurity program within the Corporate cluster, proactively identifying and mitigating risks, and ensuring compliance with all applicable laws and regulations. Your leadership will be fundamental in fostering a culture of security awareness and best practices.
What you'll be doing:
- Adapt and implement the global cybersecurity strategy for the Corporate cluster, ensuring seamless alignment with WPP's overall Technology Operations and cybersecurity posture.
- Lead the implementation of robust security architectures, policies, procedures, and controls, as defined by the global cybersecurity program, to protect the confidentiality, integrity, and availability of cluster data and systems.
- Implement and maintain a comprehensive IT risk management framework for the Corporate cluster, aligning with the global framework and encompassing risk identification, assessment, analysis, response, and monitoring.
- Conduct regular risk assessments and audits to proactively identify and prioritize ET risks, developing and executing mitigation plans to address identified vulnerabilities. Escalate critical risks to the global team as needed and report findings to both cluster and global stakeholders.
- Own the risk register for the Corporate cluster, conducting regular risk reviews and ensuring its accuracy and completeness.
- Conduct regular audits and assessments to monitor compliance with security policies and regulatory requirements, identifying areas for improvement and reporting findings to both cluster and global stakeholders.
- Lead, motivate, and develop a high-performing team of cyber risk and compliance professionals within the cluster, fostering a culture of collaboration, accountability, and continuous improvement, aligned with the global Cyber Risk and Compliance culture.
- Build and maintain strong relationships with key stakeholders across the cluster, including business leaders, ET colleagues, legal and compliance teams, and external auditors, ensuring alignment with global stakeholder management practices.
- Communicate effectively with stakeholders at all levels, providing regular updates on the cluster's cybersecurity posture, risk management activities, and compliance status, utilizing global communication channels and reporting structures.
What you'll need:
- A proven track record of successfully implementing and managing cybersecurity programs within complex organizations, demonstrating a deep understanding of security best practices and a commitment to continuous improvement.
- Strong knowledge of risk management methodologies and frameworks, with the ability to apply them effectively in a dynamic business environment to identify, assess, and mitigate potential threats.
- A solid understanding of the business context and priorities within the Corporate cluster, enabling you to tailor security initiatives for maximum impact and alignment with business objectives.
- A strong foundation in cybersecurity principles, frameworks, and best practices, including experience with industry-standard security controls and technologies. This could be demonstrated through a combination of education (e.g., a bachelor's degree in Computer Science, IT, or a related field) and/or relevant certifications.
- Familiarity with relevant compliance regulations and standards, such as GDPR, CCPA, and ISO 27001, demonstrating your commitment to maintaining a secure and compliant technology environment.
- Excellent communication, interpersonal, and stakeholder management skills, with the ability to effectively convey complex technical information to both technical and non-technical audiences, fostering trust and collaboration.
- Strong leadership qualities, with the ability to motivate and inspire teams to achieve goals, creating a positive and supportive work environment.
- Proven ability to work effectively within a global team, adapting global strategies to local contexts while maintaining a cohesive security posture across the organization.
Who you are:
You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are accepting: of new ideas, new partnerships, new ways of working.
You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.
You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.
What we'll give you:
Passionate, inspired people – We promote a culture of people that do extraordinary work.
Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.
Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?
WPP is an equal opportunity employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability. We believe in creating a dynamic work environment that values diversity and inclusion and strives to recruit a diverse slate of candidates to help us achieve that goal.
Please read our Privacy Notice (https://www.wpp.com/people/wpp-privacy-policy-for-recruitment) for more information on how we process the information you provide.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CCPA Compliance Computer Science GDPR ISO 27001 Monitoring Privacy Risk assessment Risk management RMF Strategy Vulnerabilities
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.