Sorry, this advert is now closed. Click here to view our live vacancies.
Head of Information Security - Indian Ocean
Generous expat package - IT/Information/Cyber Security
Ref: 180
Date Posted: Monday 28 Oct 2024
Title: Head of Information Security
Reference No: 2145
Company: Financial Services
Location: Indian Ocean
Reports to COO
Salary: Competitive expat package
The Role
Over the years the Bank has implemented numerous initiatives as part of its Digital Strategy and amongst others has developed a modern and performing Information System. In a continuously evolving environment where the pace of delivery is a strong competitive advantage, the Bank continues to invest and innovate to deliver new products/functionalities and a world-class customer experience to its customers.
Main job purpose
Partners at all levels of the organization to develop, implement, and execute an organization-wide Information Security strategy that optimizes employee capabilities, achieves the organization's strategic objectives, and delivers competitive advantage.
The Head of Information Security is a high-level executive responsible for the development, implementation, and management of the organization's information security and cybersecurity strategy. He plays a critical role in safeguarding sensitive data, ensuring regulatory compliance, and mitigating cyber threats.
Key responsibilities:
1. Information Security Strategy:
Develop and communicate the organization's information security strategy, vision, and goals to executive leadership and stakeholders.
Align information security initiatives with business objectives.
2. Cybersecurity Operations:
Oversee day-to-day cybersecurity operations, including incident response, threat detection and vulnerability management.
Monitor and analyze security alerts, breaches, and incidents, taking appropriate actions to mitigate risks.
3. Works with Risk Management:
Identify, assess, and prioritize information security risks and vulnerabilities.
Develop and implement risk management strategies and controls to protect critical assets.
4. Security Governance and Compliance:
Establish and maintain information security policies, standards, and procedures.
Ensure compliance with industry regulations (e.g., GDPR, HIPAA) and data protection laws.
Liaise with regulatory bodies and auditors as necessary.
5. Security Architecture and Technology:
Evaluate, recommend, and implement security technologies, tools, and solutions to protect the organization's IT infrastructure and data.
Collaborate with IT teams to integrate security measures into technology projects.
6. Incident Response and Recovery:
Develop and maintain an incident response plan and procedures.
Lead incident response efforts in the event of a security breach or cyberattack.
7. Project Management:
Together with Technology and Risks, manage projects related to cybersecurity and data security infrastructure.
Program Management of FFIEC Maturity
8. Vendor and Third-Party Risk Management:
Assess and manage security risks associated with third-party vendors and suppliers.
Manage or participate in the management of specialized vendors: SOC, Red Team, Forensic Service Provider, Legal / Crisis Service Providers
Review and negotiate security clauses in vendor contracts.
9. Security Metrics and Reporting:
Define and track key security performance metrics and key performance indicators (KPIs).
Provide regular reports on the organization's security posture to executive leadership and the board.
10. Budget Management:
Develop and manage the information security budget, allocating resources effectively to support security initiatives.
Qualifications:
Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
Industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent.
Education:
Bachelor's degree in information security, cybersecurity, computer science, or a related field. A master's degree (e.g., MS in Information Security or MBA) may be preferred.
Experience:
At least 12 years of experience in a combination of risk management, information security and IT jobs.
Extensive experience in information security, with a proven track record.
Deep knowledge of cybersecurity principles, technologies, and best practices.
Familiarity with relevant regulatory and compliance frameworks.
Strong leadership, communication, and interpersonal skills.
Crisis management and incident response experience.
Ability to work collaboratively with cross-functional teams.
Specialized Skills:
Excellent written and verbal communication skills and a high level of personal integrity.
Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
Expertise in IT and cyber security.
Supervision:
Team of 15 people