Overview

Our client, a leading organization in the finance sector, is seeking an experienced Head of Information Security to lead their information security initiatives.

Reporting to the Chief Technology Officer (CTO) and collaborating closely with the Head of Infrastructure Services & Security Operations, the successful candidate will play a pivotal role in developing and implementing a comprehensive information security strategy across the organization.

Key Responsibilities:

  • Develop and execute a robust group-wide information security strategy in collaboration with the CTO and Head of Infrastructure Services & Security Operations.
  • Establish and lead a high-performing information security function to implement and enhance the information security governance, risk, and compliance framework.
  • Ensure alignment of the information security framework with recognized standards and oversee accreditation processes such as Cyber Essentials Plus and ISO 27001.
  • Maintain compliance with PCI-DSS requirements and ensure adherence across all business operations.
  • Lead the development and enhancement of the Data Loss Prevention strategy, products, and processes to adapt to evolving business needs.
  • Cultivate a security-aware culture and drive continuous improvement initiatives across the organization.
  • Chair working groups to steer the information security posture throughout the business.
  • Generate and deliver information and cyber security reports and updates for the Executive Team and Boards across the Group.
  • Develop and manage the cyber risk management program to effectively monitor threats and vulnerabilities.
  • Implement an assurance program to identify information security risks and drive control improvements, including supplier due diligence in the supply chain.
  • Collaborate with the Project Team to ensure security-by-design principles are integrated and information security risks are appropriately managed.
  • Establish and maintain policies, procedures, and guidance, including delivering information security training and awareness programs to employees.
  • Take a leadership role in incident management and response, including the development of incident management capability and strategy.
  • Contribute to the monitoring of emerging threats and threat intelligence in collaboration with Security Operations.

Qualifications:

  • Bachelor’s degree in Computer Science, Information Technology, or related field. Advanced certifications such as CISSP, CISM, or CISA are preferred.
  • Extensive experience in information security management roles, with a proven track record of developing and implementing security strategies in complex environments.
  • Strong knowledge of information security standards, frameworks, and regulations (e.g., ISO 27001, NIST, GDPR).
  • Experience with PCI-DSS compliance requirements.
  • Demonstrated leadership skills with the ability to build and motivate high-performing teams.
  • Excellent communication and stakeholder management skills, with the ability to present complex technical concepts to non-technical audiences.
  • Strong analytical and problem-solving abilities with a proactive and pragmatic approach to risk management.

Salary: £80,000

Working Arrangements: 3 Days Onsite / 2 Days Remote (Liverpool)
