Group Information Security Director (infosec)
Group Director of Information Security (infosec) for a FTSE250.
Leadership role reporting into the Executive Board.
About Our Client
Leading FTSE250 who are in flight through a large transformation.
Group Director of Information Security (infosec) for a leading FTSE250 to play a critical role in directing strategy, operations and the budget for the protection of the enterprise information assets.
Group Director of Information Security
- Direct and approve the design of security systems;
- Create, review and maintain security policies, controls and cyber incident response planning;
- Approve identity and access policies;
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;
- Maintain a current understanding the IT threat landscape for the industry;
- Ensure compliance with the changing laws and applicable regulations;
- Translate that knowledge to identification of risks and actionable plans to protect the business;
- Schedule periodic security audits;
- Oversee identity and access management;
- Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced;
- Manage all teams, employees, contractors and vendors involved in IT security, which may include hiring;
- Provide training and mentoring to security team members;
- Constantly update the cyber security strategy to leverage new technology and threat information;
- Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget;
- Security Awareness, communicate best practices and risks to all parts of the business, outside IT.
The Successful Applicant
Group Director of Information Security (infosec)
- (1)Held the senior role of Director / Group Director of Information Security leader to complete the transformation.
- (a) Proven at delivering IS enterprise solutions with a risk based approach (as opposed to compliance based approach).
- (b) Worked enterprise wide and with a wide knowledge of security technologies.
- (2) Ability to define strategic plans and drive to execution (influence at C level)
- (3)IS leadership - defined and delivered strategy in sales led global multi-site businesses e.g. media, consumer, sales, recruitment
- (4)Knowledge of laws and regulations related to data protection and security as well as available certifications
- (5)Knowledge of all aspects, commercial and technical of IT security architecture.
- Ability to define strategic plans and drive to execution.
- Management, negotiation & influencing skills.
- Communicate both written and verbally with all levels of staff and clients.
- Act in the best commercial interests of the group to mutual benefit of all stakeholders.
- An analytical thinker, proven self-starter with high levels of drive.
- Strong interpersonal skills to be able to communicate complex security matters to diverse audiences.
- Strong management skills - to manage and define activities of small but highly technical team.
- Strong planner - to plan and prioritise demand work schedule - specifically with contained budget and skills.
What's on Offer
130k to 140k + bonus + benefits