Divisional Information Security Officer

Cantello Tayler Recruitment
London (Greater)
10 Oct 2018
08 Nov 2018
Contract Type
Full Time
Job Description: Divisional Information Security Officer


As part of the Global IT Security team, the Divisional Information Security Officer will be responsible for delivering the global security agenda in the locations under their remit, coordinating the required actions with the local teams.

The Divisional Information Security Officer will also be responsible for providing support to the divisional teams, ensuring that security is embedded in new initiatives and changes being deployed, and paying special attention to any impact on PCI DSS, since our business is a PCI Level 1 merchant.

The Divisional CISO will be responsible for Cyber Security Incident Response locally, coordinating any action required in the event of an IT security incident both locally and with the global team.

Reporting Relationships

The Information Security Officer reports to the Global IT Security Head.

Key stakeholders will be the Infrastructure, Applications and POS teams, Internal Audit and business areas.

The D2 Information Security Officer will be responsible for supporting external security auditors as well as PCI QSA attestations.

Responsibilities & Duties

The Divisional Information Security Officer will:

* Work as part of the Global Security team, collaborating in Global Security initiatives and having primary responsibility for delivery and support to the Division countries;

* Review and approve the design and implementation of security systems;

* Adapt and implement global security policies and controls, and drive security awareness initiatives in the Division;

* Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced;

* Maintain and review the company’s Incident Response Plan, and use it to review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;

* Maintain a current understanding of the IT threat landscape for the industry;

* Ensure compliance with changing laws and applicable regulations, specifically PCI, GDPR and any other local regulation;

* Translate that knowledge into the identification of risks and actionable plans to protect the business;

* Brief the executive team on status and risks, working with the Global CISO to define a remediation plan and strategy; and

* Communicate best practices and risks to all parts of the business, outside IT.

Qualifications and Experience

* At least 5 years of demonstrated experience in Information Security for businesses in the Retail Industry;

* Computer science engineering or information systems degree;

* CISM, CISSP and PCIP are a plus;

* Demonstrated leadership and team-building ability in this field;

* Demonstrated dynamic, up-to-date grasp of the evolving Cybersecurity environment, and the aptitude and ability to maintain it.
