Cyber Gap To Policy Operations Mgr

Job Title: Cyber Gap to Policy Operations Mgr.

Location: Kingston

Unilever is one of the world’s leading consumer goods companies with operations in over 190 countries and serving 3.4 billion consumers every day. Unilever delivers best in class performance with market making, unmissably superior brands which include Dove, Knorr, Domestos, Hellmann’s, Marmite and Lynx. Our strategy beings with a purpose that places our consumers at the heart of everything we do, “Brighten everyday life for all”.

JOB PURPOSE

Role Purpose:

This role will support the Senior Cyber Risk Manager. Using a risk led, and threat informed approach, this role will embed, operate and continuously improve the Gap-to-Policy (GtP) Governance, Process and Tooling for control gaps identified against Unilever’s Cyber policies and standards. This includes supporting the Cyber engagement function in the consistent execution of the process with their stakeholders.This role is responsible for ensuring the processes and governance are being operated in line with the defined approach and that Gaps are being appropriately logged, tracked, reported and governed in line with Unilever’s Risk Appetite.

Role Summary:

The successful candidate will be accountable for the definition, operation and governance of a Cyber Gap-to-Policy framework across Unilever globally.

This role will ensure a risk-based approach is consistently applied for GtP execution across the organization, working with the Cyber Engagement function to ensure the process is operated in line with the framework defined by the GRAC team. To ensure an accurate and representative picture of Risk is maintained, they will ensure that full lifecycle management is being executed across all GtPs including the timely closure and reporting of expired and un-remediated GtPs is in place. The role will play a key part in helping Unilever effectively manage cyber risk across the global organisation.

RESPONSIBILITIES

1.Accountable for the operational oversight and governance of the Cyber Gap management framework

2.Responsible for the continuous improvement and optimisation of the Gap Management tooling, processes and workflows

3.Responsible for ensuring a Risk based approach is consistently taken to Gap Management

4.Responsible for maintaining the schedule of authority for GtP Approval

5.Accountable for ensuring the framework enforces full lifecycle management of GtPs

6.Responsible for assurance to ensure the Gap Mgt. framework is being implemented and operated consistently

7.Responsible for ensuring Risk surfaced through the exception handling process is fed through into the broader Cyber Risk Management framework.

8.Responsible for the aggregation and reporting of GtP Management

ALL ABOUT YOU

Skills:

• Excellent written and verbal communication skills and able to be understood by both technical and non-technical personnel
• Ability to manage conflicting priorities and multiple tasks to meet key deadlines.
• Stakeholder management and interpersonal skills at both a technical and non-technical level.
• Ability to work in a collaborative environment.
• Ability to drive process teams to understand reporting situation, explores options and come to consensus on preferred solution.
• Strong presentation skills.
• Ability to work with internationally located stakeholders.
• Ability to work with emerging requirements to build prototypes/sketches and go through multiple iterations before agreeing on a workable solution.
• Data analysis skills to derive insights from relevant data sets.

Experience:

The following experience is looked for in candidates that would be considered for the role:

• Operation and oversight of business process governance and/or design
• Experience in Cyber Security, especially cyber risk management is preferred but not essential.
• Experience dealing with stakeholders within a customer-focused environment.
• Understanding of global best practice standards (e.g. NIST, CIS, ISO), Information Security standards and controls, and the “three lines of defence” model for appropriate segregation of duties and risk transparency.

NOTES

About Unilever

Unilever is one of the world’s leading suppliers of Food, Home and Personal Care products with sales in over 190 countries and reaching 2 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Dove, Tresemme, Lynx, Lifebuoy, Shea Moisture, Persil, Domestos, Ben & Jerry’s, Magnum, Marmite, The Vegetarian Butcher, Graze and Pot Noodle.

Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That’s why our purpose is ‘to make sustainable living commonplace’ 

Location

In June 2020 we announced our plan to consolidate a number of Unilever’s offices across the South East of England into a new Unilever campus in Kingston-upon-Thames in or around early 2025. However, on the 08 August 2024 we announced to our existing staff our proposal to retain our central Head Office in London, 100 Victoria Embankment (“100VE”) until our lease expires in 2027. As a result of this new proposal, we will be consulting with our existing staff, and new joiners who join during this period of consultation at 100VE, on the proposal made in August 2024. During consultation we will clarify the future location of each team and function. This means your role will either be based in 100VE until 2027 or in Kingston-Upon-Thames from early 2025. As we are yet to commence consultation on the proposal you agree, until such a time when consultation has concluded, your normal place of work as set out in the enclosed Statement of Terms & Conditions will be 100VE. You agree that on the conclusion of the consultation your place of work will be 100VE or 100VE until early 2025 and then Kingston-upon-Thames ("the locations") and you will be notified of which of the locations will be your place of work after that consultation ends.

What We Offer

Not only do we offer a competitive salary and pension scheme, we also offer an annual bonus, subsidised gym membership, a discounted staff shop and shares. You’ll have the opportunity to work directly with our renowned and exciting brands in a flexible and hybrid working environment.

Whilst the role is advertised on a full-time basis, we would be happy to discuss possible flexible working options and what this may look like for you. We are a key advocate of wellbeing and offer a variety of support for our people including hubs, programmes and development opportunities. We strive to achieve a family-friendly and inclusive workplace and to, above all, create possibilities for all.

Diversity at Unilever is about inclusion, embracing differences, creating possibilities and growing together for better business performance. We embrace diversity in our workforce. This means giving full and fair consideration to all applicants and continuing development of all employees regardless of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage and civil partnership, and pregnancy and maternity. We are also more than happy to provide reasonable adjustments during our application and interview process to enable you to be present your best self. To find out more, including about our Employee Resource Groups, please click here Equity, Diversity & Inclusion at Unilever | Unilever.

Recruitment Fraud

Cyber criminals advertise fake job adverts with prestigious employers as a way of stealing information or even defrauding individuals out of money.In the most sophisticated cases, they will set up fake websites, which have a similar address to companies like Unilever. They even conduct fake telephone interviews and then offer candidates a role with the proviso they pay a fee for background checks or to cover work visa costs. These types of attacks are becoming more common as more people are looking for employment in the economic climate.

How is Unilever tackling this?

Many of Unilever’s recruitment sites publish a warning to candidates about recruitment fraud. The Cyber Security team also proactively scan for signs of people setting up fake Unilever sites and act to close them down.

What can I do?

If you become aware of potential recruitment fraud, spot fake Unilever recruitment adverts or fake LinkedIn profiles, report them via Una Live Chat.

Unilever does not accept responsibility or liability for any candidates who are financially impacted by recruitment fraud. Your vigilance is key!