Information Security Leader
Eden Scott's successful and high growth global brand are looking to recruit an experienced Information Security Leader. You will design, implement and lead the Company's Information Security Management programme to support effective protection of their information and technical assets, ensuring alignment with the company's compliance and regulatory requirements. Responsibilities: Lead, define and implement a risk based Information Security strategy and delivery programme to manage technology and information assets; continuously reviewing and improving policies and processes to reduce risk Establish appropriate standards and controls for Information Security and provide direction across the Company in this area and for the implementation of policies and procedures. Be the thought leader IT Security on the Technical Governance Forum and provide SME advice and insight with required security and compliance audits and vulnerability assessment for procurement of any new system Design and lead annual Information Security assessment with auditors to test for vulnerabilities across the internal and external facing environments, social engineering risks and External Partner compliance with their Information Security standards. Reporting Commitment to Executive Team and Audit Committee to ensure regular updates are provided Respond to and resolve 1st and 2nd line information security incidents within time periods specified in SLAs To review and approve Change Requests which may have a security impact as part of the Technical Change Approval Board Work with projects, IT and the wider business to create controls that reflect workable compromises as well as proactive responses to current and future information security & compliance risks Drive a culture of continuous improvement through the co-ordination and management of the information security, business continuity and GDPR compliance programmes Monitor information security trends internal and keeps business leadership informed about information security-related issues and activities potentially affecting the organization Experience required: Demonstrated expertise in leading the development and execution of information security plans within a Global organisation Strong subject matter experience in application security, vulnerability testing and development of a risk appetite Proven ability to effectively apply risk principles to challenging business situations and successfully engage executive and senior leadership through this process Application Life Cycle management and application development experience in the context of a security framework. Educated to degree level with IT experience specifically within a large operational networking and security environment A recognised security qualification CISSP, SSCP, CISM ITILv3 qualification(s) or equivalent encompassing the full lifecycle of the ITIL process Desired: MBA Qualification Formally recognised project management qualifications (PRINCE2, Agile etc) This is an exciting opportunity to shape and influence the Information Security strategy for an ambitious market leader. Comprehensive benefits package including bonus.