Head of Information Security, 90-100K

Job Description

Head of Information Security, 90-100KA senior member of the CISO Team, supporting and driving the maturing of Information Security and Compliance across the Group. This role principally sets, oversees the implementation of, and provides on-going monitoring/auditing of the current environmentto establish the required security standards agreed with CISO in line with Business requirements and Customer expectation.Policies, Processes and Security MeasuresTo analyse specific security environments across the Group as agreed with the CISO and identify improvements. This will be accomplished through a project life cycle starting by writing a Project Initiation Document (PID) which defines the area to be investigatedor evaluated and is completed by agreed documented recommendations with dates for completed remediation, by the relevant identified areas. The role is responsible to ensure completion to an agreed timetable.To coordinate regular (quarterly) Infrastructure Reviews in support of certifications under the roles remit, across the global estate by conducting assessments of the Platforms and Corporate systems. The role is responsible for reports which makes recommendationsto the CISO to minimise any identified risks, obtain an agreed timetable for remediation (entered in to the Compliance Calendar) and ensure any work is completed to the timetable.To work closely with the CISO and Quality and Compliance Executive to provide assurance that policies and procedures for Information Security are effective and are adhered to by sampling different areas across the global business (performing internal auditsor ensuring they are performed as appropriate). To maintain a list of areas for consideration and sample at least two areas each quarter. As a result of the sampling, use the findings to be proactive in making recommendations for updates to policies and procedures,as required.To liaise with agreed external security agencies (where required) and ensure that any information requested is provided on a timely and secure basis.To keep up to date with security trends, threats and control measures.ISO CertificationsTo take responsibility for the continued achievement of ISO27001 and ISO9001 certifications for the UK and any other certifications as directed by the CISO from time to time. Responsibility includes the implementation of recommendations, driving externaland internal audit requirements/outputs and ensuring arrangements for certification are made and prepared for fully.To support the Quality and Compliance Executive in ensuring the required Certifications are maintained across the Global landscape. The role will produce monthly reports for presentation to the CISO on those items covered by the certification that are requiredfor examination by the internal and external auditors. The jobholder is to take responsibility for ensuring that the timing and preparation for audit visits which may be co-ordinated and arranged by the Quality and Compliance Executive are entered in the ComplianceCalendar.To provide support and consultation to the CISO as required across other certifications.Misc Duties in Support and Conjunction with CISOTo undertake projects, tender responses and other information security actions in support of the CISO team and Business objectives and plans.Bachelors Degree/equivalent in Computer Science or related subject, or substantial alternative experienceSecurity-related certifications.Substantial experience of managing IT Security, typically of at least five yearsThe ability to communicate effectively with all areas of the business and external vendors to get support and informationExperience of managing projectsExperience of working in a business processing sensitive customer dataIT/telecoms experience, preferably SaaSHead of Information Security, Berkshire, Slough, Bracknell, Maidenhead, M4 CORRIDOOR

Keyskills :
CCIECISSPTeam LeadershipInformation Securityhead of information security