Mark Henshaw |
|||
| Senior Manager, Security, Risk and Assurance | |||
| RBSG | |||
|
SO51 7TP, United Kingdom |
|||
|
|||
About Mark Henshaw
Mark Henshaw - Professional Summary:
Mark is an experienced and professionally qualified Information Security and Risk leader who has operated at board level within the Banking, Pharmaceutical, and Automotive sectors. He has delivered pragmatic tangible outcomes for the business at strategic, technical, and operational levels, and has led teams responsible for Information Security Strategy, Planning & Architecture, Risk Management, Security Policy & Standards, Assurance, Reporting, and Operations.
Mark is presently employed by the Royal Bank of Scotland Group as a Senior Manager responsible for Security, Risk and Assurance. In this capacity he has led the development of the targeted assurance review process, and has delivered a risk based assurance framework, processes, and tools, and he has built a team of highly skilled assurance professionals to deliver the assurance service into the RBSG business. His team now delivers a portfolio of services including technical and targeted risk assessments, thematic reviews, third party reviews, and business and IT continuity assessments.
In past roles Mark has held senior information security and risk management positions with General Motors Corporation, and with Eli Lilly and Company.
· CISSP, Certified Information Systems Security Professional
· CISM, Certified Information Security Manager
· CRISC, Certified in Risk and Information Systems Control
· CGEIT, Certified in the Governance of Enterprise IT
· Fellow of the British Computer Society, Chartered IT Professional
· ISMS Master Implementer, Six Sigma Green Belt, TOGAF 9 ADM, ITIL V3 Foundation
Board level experience, interaction with CxO and Senior Management of business, supporting, challenging and influencing decisions – also with external parties including auditors and professional services organisations (at Lilly, GM, and RBSG)
An experienced senior manager, with a history of delivering clear and transparent security risk frameworks and controls into complex high-pressure environments, including governance structures to support appropriate decision making and right-sized actions/mitigations (at Lilly and GM)
Responsible for the development and maintenance of security policy and controls in line with business risk appetite – the creation, implementation, and subsequent monitoring of adherence to security policy through a risk-based framework, using policy controls and evidencing methods (at GM)
Significant awareness and execution of stakeholder engagement and influence across diverse and complex environments, and the need for deliberate tactical communications supporting the overall risk identification and mitigation process - built global cross-divisional stakeholder model allowing key engagement to take place via nominated individuals, and removing multiple requests on business areas – leading to customer advocate model (while at GM and RBSG)
More than 15 years’ experience covering people management, line management, and team direction, both at technical and operational levels – also led virtual team of security advocates (at Lilly, GM and RBSG)
Held leadership role for several years covering security strategy and planning for large blue chip automotive, also responsible for the sponsorship of security initiatives and programmes within SIP (at GM and RBSG)
Responsible for the creation and delivery of controls assurance activities in line with Group Framework and Policies for Information Security, Personal Security, Fraud, Payment Security, Property, Records Management, Business Continuity, and IT Continuity across Systems, Data Centres, Business Units, Property, and Technology Service Providers (at RBSG)
Designed and implemented the risk based assurance review process, including tools, and management information reporting (at RBSG)
Responsible for the leadership and development of global roadmaps for as-is and to-be IT risk and security - working in partnership with business units and architecture leadership, supporting the delivery of an IT strategy enabling the business to succeed at an acceptable level of risk (while at GM)
LookupPage is an essential self branding tool that ensures you are professionally represented online.
Mark Henshaw Links
