|Listed on:||6th April|
|Location:||Newcastle or Wokingham|
Locations: Newcastle or Winnersh (Wokingham)
People make Sage great. From our colleagues delivering ground-breaking solutions to the customers who use them: people have helped us grow for more than thirty years, and people are driving our future as a great SaaS company. We're writing our next chapter. Be part of it!
Experience has taught us that when our customers thrive, we thrive. As a team, we always start with what customers need. Through the good... and more challenging times. Innovating at pace so customers can manage their finances, operations and people. Every one of us shapes our culture at Sage - doing what's right and succeeding together, united by our commitment to each other. We encourage each other to grow in our roles, in our careers and as individuals.
Follow us on our social media sites below to join in conversations about career tips, open positions and company news! #lifeatsage #sagecareers. If you would like support with your application (or require any adjustments) please contact us for assistance. All qualified applicants will be thoughtfully considered and never discriminated against based on their race, color, age, religion, sexual orientation, gender identity, national origin, disability or veteran statu.
Within the Global Security team (50 colleagues), the Regional Information Security Officer will be in charge of representing the Global Security function in the UKI region and actively participate in strategic regional decisions. The successful candidate will act as a Security Business Partner and become the main contact for information security issues. They are expected to deliver risk assessments for global projects, maintain a central risk register, and deliver a security roadmap aligned with commercial and technology strategies as well as oversee the delivery of multiple security outcomes, such as incident investigations, vulnerability remediation, business requests, support on commercial proposals, amongst others. The successful candidate may or may not have direct reports, but they will be expected to work closely with global and local business leaders, including MDs and EVPs, to influence strategic decisions and provide advice on security threat landscape as well as insight on regional security gaps and priorities.
Create and maintain a local security strategy aligned with both regional and global objectives, focusing on finding solutions to enable business goals while managing information security risks.
Lead and oversee delivery of local initiatives to improve level of security on their regions.
Integrate Information Security into the project (and product) delivery lifecycle and carry out relevant assessment activities.
Communicate on security threats, assess, analyse risks and make recommendations to reduce identified risks.
Help colleagues improve local processes and procedures and embed Sage information security policy.
Provide ongoing support to business colleagues (acting as business partner) and facilitate delivery of global security initiatives in their regions of responsibility.
Liaise with various teams to coordinate regional information security activities such as incident response, colleague awareness training, delivery of security projects, amongst others.
Skills, know-how and experience:
Excellent business vision, analytical and decision-making skills are essential assets for the success of your mission.
At least 5 years of proven expertise in information security or computer technology
Practical experience in information security risk management and compliance activities.
Good understanding of regulations, standards and IT security frameworks such as Cobit, PCI DSS, ISO 27001, among others.
Cross-functional team player with ability to mentor less experienced peers
Technical / professional qualifications:
Leadership and ability to lead change across the company
Capacity to organize, coordinate and implement in both a global and regional context as required
Team player and business focused
Excellent oral and written communication
Pragmatic and problem-solving oriented
Good knowledge and experience of the principles of design and implementation of IT systems and the secure software development cycle.
A working knowledge of the EBIOS Risk Management Methodology is an additional asset.
Professional certification (CISSP, CISA, CISM or equivalent) is preferred
Past functional leadership experience desirable
Contact Name: Sage
Job ID: 2904155