CISO - Information Security, Data & Cyber Security
Fantastic opportunity for a Director of Information & Cyber Security to move into a new CISO-level role. This is a hands-on CISO-level role. This is a remote, home-based role with travel as required. You will be accountable for protecting both the enterprise business and customers' business from security threats and vulnerabilities. You will be responsible for creating, setting and ensuring adherence to the Information Security strategy and for management of the total security threat landscape. This includes responsibility for effective cyber security management and driving relevant improvement programmes, ensuring these are clearly understood and met company-wide.
In addition to the ongoing cyber security management responsibilities, you will also be responsible for ensuring that propositions, solutions, projects and services effectively meet IS Security standards, aligned with best practice, so that contractual obligations are met, minimising any potential Information Security vulnerabilities and threats for customers. This includes defining the technical security standards and tools required in order to deliver security by design in solutions and services to customers as well as across the internal infrastructure and systems.
Responsibilities include, but are not limited to:
- Provide input and direction to the Executive Leadership Team.
- Management and leadership of the Information & Cyber Security function, ensuring the operational delivery of all aspects of security are met.
- Working alongside the Assurance team to ensure a framework for regular detailed Information Security & Cyber risk assessments, and owning the planning and implementation of actions necessary to minimise threats and vulnerabilities.
- Extensive experience at enterprise level of implementing an effective security strategy to protect both business and customer assets and information in a regulated industry and/or IT service provider.
- Substantial experience of designing and implementing IT & Cyber security best practice for on-premise, hosted and private and public cloud solutions as well as IT systems.
- Experience of Service Provider IT & Cyber Security operations delivery
- Experience of defining and delivering IT & Cyber security strategy and operation
- Knowledge of sources of information in relation to the latest vulnerabilities, malware and viruses and of tools for effective management of these
- Potential network attack strategies and defences
- Network and host-based security best practices
- Detailed technical knowledge in Cisco, VMware and MS Product suites as well as security tooling such as DDoS, Sys Logging and IDS/IPS
- UK information security laws and standards and specifically ICO rules and regulations
- The process of auditing information systems
- Tools and best practice for protection of information assets including but not limited to DDoS, Access Controls, Systems Logging, Intrusion detection & prevention, Network security and forensics
- End point security
- Threat intelligence management and delivery of defence in depth where appropriate
- Detailed knowledge of security standards including Cyber Essentials, PAS 555, ISO/IEC 27032, ISO/IEC 27001, PCI-DSS and NIST CSF
Networking People (UK) is acting as an Employment Agency in relation to this vacancy.