Business Information Security Officer - Global Insurance Group

Posted 16 April by Page Group

I'm delighted to be partnering with a global Insurance group to appoint a Business Information Security Officer based in London City. This is a rare and exceptional opportunity for a technical "hands-on" and strategic InfoSec leader with experience in data protection, third party risk, operational resilience and implementation of security measures. Someone with project management, delivery and expertise in complex regulatory and contractual requirements.

Client Details

A leading global re/insurance group comprising distinct businesses covering various Insurance and Reinsurance service offerings across a well-established international customer base. This is a highly compelling Insurance brand with a rich history and deep expertise operating across Lloyd's, UK, European and global markets. This role sits within their successful and growing reinsurance business with a syndicate in the Lloyd's of London market supporting a diverse client portfolio with complex re/insurance needs.

Description

About the role

The Business Information Security Officer (BISO) plays a pivotal role in bridging the gap between business objectives, cybersecurity and data protection strategy focusing on excellence in protecting, detecting, resolving, mitigating, recovering and learning from potential security exposures.

Key Responsibilities

Direct, embed Information Security and Data Protection Strategy:

  • Assess and set the strategy to achieve and maintain appropriate infoSec practices, controls, resilience, risk identification and responses across Tech and Data
  • Determine, adopt, embed and assess the infoSec framework and certification appropriate to our organisation and markets (considering new laws, standards, NIST, ISO27001, CIS, CQUEST etc.)
  • Define and execute the cyber strategy, prioritising short, medium and long-term investment considering resilience and risk factors
  • Work with stakeholders to assess impact of new projects, solutions, partnerships and regulations to security and data protection posture and support implementation
  • Lead and collaborate across the group to ensure uniformity in cybersecurity policies and practices

Protect, Detect, Respond, Recover, Improve Management:

  • Lead on horizon scanning for security threats, vulnerabilities and mitigations across the estate and data
  • Lead cyber and Data Protection testing for compliance and vulnerability, aligning to operational resilience, continuity management and other regulatory requirements
  • Ensure security content training initiatives are conducted regularly and communicated effectively
  • Develop standards and assess risks of third-party relationships on posture and data protection, advising and monitoring

Leadership and Advocacy:

  • Work with the business to incorporate security-by-design principles into projects, architecture, infrastructure, and applications.
  • Collaborate to establish and embed infoSec and data protection standards, resilience, response and recovery capabilities to improve posture within risk tolerances

Profile

Looking for a proven and forward-thinking Information Security leader who has demonstrable experience leading on development of cyber security and data protection maturity within global, complex and highly regulated organisations. This role is initially a lead individual contributor role with scope for growth.

Skills and experience

  • Experience in financial services and preferably Insurance/Lloyd's market
  • Knowledge of national and global cybersecurity policies, regulations, and frameworks.
  • Expertise in data protection practices, third party assessment and operational resilience
  • Expertise in complex regulatory and contractual requirements and an ability to create effective compliance systems
  • Extensive experience in cybersecurity technology project management, actively promoting and managing security change throughout an organisation
  • Proven experience working with IT systems, security and governance to align with control frameworks, incident management, operations and application of security best practices.
  • Familiar with vendor security risk and data protection reviews and controls
  • Understanding of the different certifications such as CISSP, CISM, CRISC, or CISA preferred
  • Experience in building response and recovery capabilities.
  • Excellent written and verbal communication skills, with the ability to engage stakeholders at all levels.
  • Strong understanding of business processes and the ability to integrate cybersecurity seamlessly.

Job Offer

Opportunity to join a leading global re/insurance firm in this Business Information Security Officer Role:

Competitive Basic Salary

Performance Related Discretionary Bonus

Flexible and Rewarding Pension

28 days leave + buy / sell option

Hybrid Working in premium London, City office

Required skills

  • Business Information Security Officer, BISO, CISO, Chief Information Security Officer, Cyber Security, 3rd Party Risks, CISP, CISM, CRISC, CISA

Reference: 52487086
