Head of Information Security will be responsible for monitoring and adapting the technical environment to establish required security standards, in line with business requirements and customer expectation. This is a highly technical role working within the CISO function. South East, 100-130k
Analysing security environments across the business to identify improvements and ensuring completion of improvement projects to an agreed timetable.
- Co-ordinating quarterly Infrastructure Reviews across the global estate by conducting assessments of the Platforms and Corporate systems.
- Composing reports which make recommendations to the CISO to minimise identified risks and obtain an agreed timetable for remediation.
- Working closely with the CISO and Quality Compliance Executive to provide assurance that policies and procedures for Information Security are effective and adhered to.
- Performing or supervising internal audits and using the results to proactively suggest updates to policies and procedures.
- Liaising with external security agencies.
- Keeping up to date with security trends, threats and control measures.
- Contributing to the Group Risk Register and carry out assigned actions to mitigate identified risks.
- Providing high quality IT Security guidance documentation and training to the internal technology teams (IT, Operations and Applications).
- Acting as a strategic and tactical partner in the operational and technical development of the Security Operations Centre.
- Ensuring relevant policies, processes and procedures are up to date and uploaded onto the Business Management System in accordance with internal processes.
- Providing training and awareness on policies, processes and procedures in line with the CISO.
- Taking responsibility for the information security aspects as input into the continued achievement of ISO27001, ISO 22301, ISO 9001, PCIDSS, and Cyber Essentials Plus certifications for the Group and any other certifications as directed by the CISO from time to time,. Responsibility includes the implementation of recommendations, driving external and internal audit requirements/outputs through the Information Security area.
- Taking charge of monitoring security policies across CLIENT's global offices to ensure they are maintained.
- Working closely with the Compliance team to ensure information security requirements are available for external audits.
- As required, providing further support to the CISO with other projects and tasks.
Substantial experience in IT/Project Management within the Security sector. (5+ years)
- A Bachelor's degree in a relevant subject.
- Proven experience in a Senior Security role.
- The ability to manage and motivate others.
- Past experience working with confidential and sensitive material.
- Experience in CCaaS or cloud technology is desired.
- Excellent interpersonal, communication and organisational skills.