Salary/day rate negotiable
MERJE are currently partnering with a fast growing and international technology business who are looking for a Head of Information Security to join their growing team.
• Define and embed an Information Security Policy Framework across the company that addresses the needs of the company’s employees, contractors and other external stakeholders in line with relevant legislation and industry standards.
• Provide advice and direction to the Senior Management Team (SMT) in the integration of security practices into the company’s strategic and operational processes.
• Drive and deliver change to the company’s Information and Cyber Security systems, processes and procedures by continuously analysing and reviewing. new security technologies and practices as informed by industry best practice
• Report to SMT and management groups on Compliance, Information and Cyber Security matters.
• Develop and lead an effective Risk and Compliance team, retaining and attracting key talent to ensure continuous improvement in team member competencies, skills and knowledge.
• Establish and maintain clear and measurable Information and Cyber Security strategic plans and objectives.
• Collaborate with internal stakeholders to foster a culture of innovation and continuous improvement that encourages, engages and supports a high level of professional development and personal responsibility.
• An excellent understanding of best practice within Information Security and risk management including standards such as ISO 27001, SOC2 and Cyber Essentials
• An excellent understanding of legislation and regulations that impact Information Security e.g., Data Protection Act (2018), Freedom of Information Act, PCIDSS
• An understanding of current and emerging threats and countermeasures and the organisational challenges to addressing these threats
• An understanding of Application Security threats and countermeasures
• A good practical knowledge of security technologies and wider business solutions including Firewalls, IDS/IPS, Identity and access management, SIEM, remote working and cloud technologies