Head of Information Security

Overview of the Head of Information Security role;

You will hold overall responsibility for leading the information security function (no current reports) and you will ensure employees, customers, shareholders as well at IT services and systems are well protected. You will be empowered to provide solutions across the areas of information security governance, risk management and compliance. This position is fundamental in implementing information security programmes, frameworks, risk management, controls and documentation in a relatively greenfield environment. You will be expected to provide guidance, technical advice, ownership and support to the business becoming the go-to person for all information security related matters.

Key responsibilities for the Head of Information Security;

• Design, articulate and lead on information security solutions and strategies. Become the subject matter expect within the firm.
• Define and embed an Information Security Policy Framework across the company that addresses the needs of the company's employees, contractors, suppliers, customers, shareholders and other external stakeholders in line with relevant legislation and industry standards.
• Ensure the successful delivery of any security related programmes.
• Provide Information Security reporting, KPIs, supplier risk management, risk-driven security input into projects and formulation of information security policies/standards.
• Champion information security awareness globally via methods such as CBT, communications, posters, steering groups etc.
• Cyber incident management and response.
• Input into the business's disaster recovery planning and recovery.
• Achieve and maintain any security certifications deemed as beneficial such as CyberEssentials and/or ISO 27001.
• Collaborate with Infrastructure, Service Desk, Digital Transformation and Project Management teams to foster a culture of innovation and continuous improvement that encourages professional development and personal responsibility.
• Working closely with the Internal Audit, Group Risk and Compliance team.
• Ensure any information security documentation is up-to date, relevant and format standardised.

Essential skills and experience for the Head of Information Security;

• Proven experience of delivering information security programmes and strategies.
• Able to lead discussions, present to peers.
• Able to identify suitable security partners/suppliers that enable us to reach our goals.
• Ability to learn and retain new information.
• Ability to work on own initiative. Self-starter and motivated.
• Excellent communication skills, both written and verbal.
• Excellent interpersonal and influencing skills.
• Ability to build internal and external relationships.
• Strong organisational and time management skills.
• Ability to work to deadlines.
• Positive and proactive approach.
• Technical background and technologically aware.
• Willingness to travel to international offices where required.
• CISSP, CISM, CISMP, SSCP are all desirable.
• Exceptional knowledge of Information Security frameworks and methodology such as CIS, ISO27001 & NIST CSF 2.0.
• Previous experience leading Information Security across a global business.
• Previous experience working in regulated environments where sound cyber security is a requirement.