Head of Information Security & Risk - CISSP, CISM, ISO27001
- Unique Opportunity - Green Field Position within FTSE 50 organisation
- Creation - Acquisition - Merger - BAU - Build Team - Report to CIO - £M budget
About Our Client
Newly created blue chip business within a stable and essential industry. The organisation will employ thousands and invest billions every year.
The Head of Information Security & Risk will:
- Formulate (including budgeting), promote, implement and regularly review Risk and Security Strategy, including innovation, regulatory opportunities and the policy and standards framework.
- Build a team of internal and 3rd party capability to support and implement the strategy that has been developed, and ensure that the team is delivering the strategy and targets.
- Conduct Information Security risk analysis and management, relating to both technical and non-technical contexts and both project and BAU environments.
- Coordinate all security, ensuring that all areas of the business (including partners/suppliers) deliver agreed security requirements. Establish and run the Security Committee, comprising IT and business/partner representatives.
- Undertake security audits and be responsible for ensuring and enhancing the security awareness of all employees and partner organisations.
- Be a key member of the CIO's senior management team and work closely with colleagues to add value to all areas of technology, business and commercial decisions.
The Successful Applicant
To be considered for the Head of Information Security & Risk, you will need to demonstrate the following skills and experience:
- Track record of success in defining and delivering an IT security strategy across a large, complex organisation with a mixture of legacy and new technology and ideally where IT security is truly mission critical.
- Experienced people manager able to build and develop a team.
- Ability to communicate effectively and present on IT security issues at all levels within an organisation up to board level and explain complexity in plain language.
- Possessing impact, gravitas and credibility with external stakeholders, the business and within the IT function. Excellent stakeholder management skills which influence and inspire trust and confidence.
- A confident leader who can enthuse by demonstrating clarity of vision, depth of expertise and a passion for shared success.
- An individual with strong leadership qualities, a pragmatic, proactive, positive and innovative outlook and the ability to think outside of the box.
- A strong influencer, collegiate in approach and able to collaborate with external bodies, IT and business colleagues.
- Significant business acumen and ability to assess risk appetite and propose mitigation strategies for technical risk at a macro and micro level.
- Commercially astute with a true understanding of the importance of sound financial decisions.
- Tenacious and determined with a true belief in and passion for security.
- CISSP qualified with knowledge of industry standards and methodologies, including ISO 27001, 17799 and BS 7799, COBIT and/or CRAMM. CISA or equivalent audit qualification would be desirable.
What's on Offer
To attract the most talented individuals, a competitive package is on offer.