Our client is a company going through huge change during 2018. They are looking for confident team players with that ‘can-do’ attitude. They offer exciting internal opportunities for you to develop your skills and progress internally within the business.
Position: Head of Information Security
Location: Homebased - London
Job Type: Full Time, Permanent
Hours: 37.5 hours per week
About the role:
The role of the Head of Information Security is instrumental in defining the security strategy for the business and have responsibility to direct, create and evolve Information Security roadmaps to meet their current and future IT needs.
Responsible for ensuring security requirements are being met, whilst continually driving process improvement to ensure best practice. This role will act as a bridge between senior stakeholders the board, business colleagues, product owners and engineers and working closely with the wider business (e.g. Legal / HR / Technology Services) to achieve its objectives.
- Champion the adoption of best practices to reduce business critical threats whilst implementing IT security governance, policies and industry standards across the enterprise
- Responsible for defining and leading the implementation of the information security policy globally
- Identify security standards, practices and policies that the organisation must comply with
- Own the implementation of the information security policies, tools, processes directly and through other business functions
- Provide security input into the data protection and compliance functions of the business
- Create and build relationships and managing 3rd parties to achieve relevant accreditation or certification for compliance
- Production of policy and procedural materials for internal and external usage
- Responsible for the selection and implementation of tools and technologies that help security and compliance
- Define and lead internal and external education and awareness programmes
- KPI and baseline reporting metrics for information security status
- Regular exec summary reporting of organisational information security
- Owning vulnerability management, assessments and reporting including patch management
- Responsible for security auditing, internally and externally, reporting on threat assessment
- Responsible for assessing the organisations security state through announced and unannounced exercises
- Building relationships with CISO / Information Security representatives of customers and prospective customers
- Design and guidance for RFP’s and contractual agreements (info sec / data protection / compliance aspects)
- Support colleagues to improve processes and policies
- Excellent working experience of developing, publishing, maintaining control processes and policies around IT Security
- Strong and demonstrable experience of risk analysis, cyber security issues, risks and solutions not just covering tooling, but also its impact to wider business context
- Strong experience of incident response
- European and international (US / Asia) operating experience
- Relevant security accreditations (e.g. CISP or CISM / CISA)
- Strong working knowledge of implementing / managing GDPR / DPA / ISO 27001 / ISO 9001 / Cyber Essentials / ITIL / PCI compliance
- Enterprise / internet technology background from a corporate environment
- Ethical hacking / penetration testing background is desirable
- Involvement in open source security projects would be preferred
- Product development processes and agile project methodologies would be ideal but is not essential
You may have experience of the following: Head of Information Security, Security Operations Centre Manager, ISO27001, ITIL, Cyber Security, IT Security Manager, Computer Forensics, Vulnerability Analysis, Threat Detection, Penetration Testing, Risk Analysis, Cyber Security Analyst, CISSP, CISM, CISA, etc.
This vacancy is being advertised by EasyWeb Recruitment, the UK’s leading Online Recruitment Agency. The services advertised by EasyWeb Recruitment are those of an employment agency. No terminology in this advert is intended to discriminate on the grounds of gender, race, disability, age, sexual orientation, religion, or belief, and we confirm that we will gladly accept all applications.
Bank or payment details should not be provided when applying for a job. reed.co.uk is not responsible for any external website content. All applications should be made via the 'Apply now' button.Report this job