Head of Risk & Information Security

  • Discipline: Risk Management

  • Salary: Competitive Salary

  • Published: over 2 years ago

Job Description: Our client is a highly regarded Financial Services firm who are looking to recruit a Head of Information Security to help build an Information Security Management System for the business. The role holder will also be accountable for leading the risk management function, with a focus on maintaining and enhancing the risk management strategy and framework across all categories of risk.

The role:

  • Overall responsibility for the risk management framework, policies, processes and systems across all risk categories.
  • Assume full ownership and accountability for the development and embedding of the Information Security Management System.
  • Lead the enhancement of the risk management framework, policies and procedures to ensure effective risk oversight that meets regulatory requirements.
  • Build and maintain strong relationships with key stakeholders across the firm and its group entities.
  • Where appropriate, build and maintain relationships with third parties, including suppliers, regulators and professional bodies.
  • Develop a plan for the risk team that is aligned to the functional plan, delivers cost-effective performance and drives continuous improvement, efficiencies and increased productivity.
  • Lead, motivate and develop the capability of the team to achieve delivery of the team plan.
  • Provide expert guidance on all aspects of risk management and categories of risk, assessing emerging internal and external threats.
  • Lead Risk’s input on new initiatives and sponsor relevant Risk projects.
  • Lead Risk oversight of business change processes.
  • Maintain an up-to-date knowledge of risk management good practice.

Key Requirements:

  • Degree educated in a relevant discipline.
  • Relevant information security (CISM/P) or risk management qualification.
  • Significant experience (minimum of 5 years) of information security and risk management techniques (operational, business continuity, conduct, strategic etc.).
  • Experience of implementing and maintaining an ISO27001 certified management system.