Head of Information Security
Recruiter
Listed on
Location
Salary/Rate
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
Head of Information SecurityInformation Security professional required to facilitate enterprise-scale organizations in delivering secure IT systems for this burgeoning Fintech organisation Responsibilities for the role include:Co-ordination of all ISMS and all associated documentation and materials to manage the Information Security audit and certification process (e.g. ISO-27001)Providing governance within our ISMS to ensure compliance, including:managing various Information Security projects and initiativesownership of our Information Security risk management processesproviding relevant MI to senior management and report regularly about ongoing security efforts and initiativesworking across the business to identify areas for continuous improvement and any compliance concernsDay to day line management of a small team of Information Security specialists.Management and timely execution of all day to day security procedures (security incident management, information transfer etc) allowing the business to operate efficiently in a secure manner.Providing assurance to the security architecture and design patterns for all IT and Cloud systems deployed and used by the client.Providing subject matter expertise and a point of escalation for any requests for information from parties who have an interest in our ISMS.Manage our supplier assurance process, including pre and post-contract assessment of suppliers. Successful candidates will have the following:An industry recognised certification such as CISA, CISM, CISSP, or, for exceptional candidate, is working towards one of these certifications.Experience in helping organizations achieve and maintain ISO-27001 accreditation.Demonstrated capability at maintaining relationships with senior stakeholders (internal and client), explaining security concepts and taking a pragmatic but robust approach to security risk management.Experience managing multiple projects simultaneously and is comfortable with regular context-switching.Experience growing and maintaining a security team, mentoring, and focusing on career development.A pragmatic approach to security and compliance.Experience in providing Infosec assurance to technical teams implementing:company and BOYD device securitycloud computing platform securitysupplier provided SaaS systemsapplication security and the SDLC for proprietary/bespoke software product developmentmonitoring systems and procedures to ensure compliance in a cloud-based environment.
