Information Security Leader
This successful, high-growth global brand is looking to recruit an experienced, dynamic Information Security Lead to replace the current post holder, who is due to retire in the next few months.
You will design, implement and lead the Company's Information Security Management programme to support effective protection of their information and technical assets, ensuring alignment with the company's compliance and regulatory requirements.
The ideal candidate will have the experience with senior stakeholders to be a trusted advisor, but will also not be too far removed from the 'tools', and must be able to take the lead with their team.
· Lead, define and implement a risk-based Information Security strategy and delivery programme to manage technology and information assets; continuously reviewing and improving policies and processes to reduce risk
· Establish appropriate standards and controls for Information Security and provide direction across the Company in this area and for the implementation of policies and procedures.
· Be the thought leader for IT Security on the Technical Governance Forum and provide SME advice and insight on required security and compliance audits and vulnerability assessments for the procurement of any new system
· Design and lead annual Information Security assessment with auditors to test for vulnerabilities across the internal and external facing environments, social engineering risks and External Partner compliance with their Information Security standards.
· Fulfil the reporting commitment to the Executive Team and Audit Committee, ensuring regular updates are provided
· Respond to and resolve 1st and 2nd line information security incidents within time periods specified in SLAs
· Review and approve Change Requests which may have a security impact as part of the Technical Change Approval Board
· Work with projects, IT and the wider business to create controls that reflect workable compromises as well as proactive responses to current and future information security & compliance risks
· Drive a culture of continuous improvement through the co-ordination and management of the information security, business continuity and GDPR compliance programmes
· Monitor internal information security trends and keep business leadership informed about information security-related issues and activities potentially affecting the organization
- Demonstrated expertise in leading the development and execution of information security plans within a Global organisation
- Strong subject matter experience in application security, vulnerability testing and development of a risk appetite
- Proven ability to effectively apply risk principles to challenging business situations and successfully engage executive and senior leadership through this process
- Application Life Cycle management and application development experience in the context of a security framework.
- Educated to degree level with IT experience specifically within a large operational networking and security environment
- A recognised security qualification (CISSP, SSCP, CISM)
- ITILv3 qualification(s) or equivalent encompassing the full lifecycle of the ITIL process
- MBA Qualification
- Formally recognised project management qualifications (PRINCE2, Agile, etc.)
Benefits package:
Competitive market salary
Car or car allowance
Generous Company & personal Bonus scheme
DC Pension scheme
Holidays - generous holiday allowance
Other company benefits
This is an exciting opportunity to shape and influence the Information Security strategy for an ambitious market leader.
The role will follow a remote hiring and onboarding process.