Head of Information & Cyber Security

Candidate Criteria:

• Strong experience of security governance and business stakeholder management.
• Demonstrable work experience delivering effective business and technical security solutions, processes, tools and high performing teams.
• Experience of operating within and contributing to Information Security Management System environments.
• Experience of compliance standards e.g.: ISO 27001; PCI DSS; ISO31000; and ITIL.
• An understanding of the Data Protection Act 1998 and the General Data Protection Regulation (GDPR).
• Either a recognised Information Security qualification, or working towards a relevant certification (e.g. CISA, CISM, CISSP, CRISC, ISO 27001 Lead Auditor Certification, and / or Membership of the Institute of Information Security Professionals), or commensurate experience.
• Defining, designing, implementing and operating internal and outsourced services and Cloud service provision including eg: PaaS, SaaS, IaaS.
• Strong experience of the systems and associated operations relating to SIEM, IDS / IPS, Vulnerability Scanning / Penetration Testing, Mobile Device Management.
• Ability to influence at all levels

Job Role:

• Implement the Information/Cyber Security strategy and ensure measurement of progress through performance metrics and plans.
• Work collaboratively with peers to meet and exceed Cyber Security contribution to company objectives.
• Champion continuous improvement throughout the function – develop and progress opportunities.
• Ensure all Cyber Security change management projects have robust business cases, governance and project management, continuously driving improvements.