Chief Security Officer
We have an exciting opening for an experienced security professional to lead our security and compliance management team. You will work with a highly talented leadership team to deliver a world-class IT service and security posture for the company globally.
Our established information security management system is ISO27001 certified and will be extended to cover greater scope in the future. You will also evaluate and plan the rollout of further security certifications.
You will also support the business in working with clients and potential clients, assisting in their review, audit and agreement of our company standards, and identifying and agreeing, internally and with the client, where additional procedures or tool implementations are required to meet specific client requirements.
A key part of the remit is to ensure the company continues to comply with evolving Data Protection legislation and related standards, including GDPR.
About the job
You must be a motivated security professional with excellent communication and management skills, able to work with colleagues and clients to deliver appropriate security plans and improvements. You will report to the CEO and lead a team that works with the staff and managers across the entire business, covering all aspects of security and data protection.
- Responsible for the company’s information security, reporting to the CEO and Operating Board of D4t4 Solutions
- Working with the Information Security Systems Manager and Data Protection Officer to build and maintain our information security management system, ensuring compliance with ISO 27001 and other standards as agreed with the Operating Board
- Ensure the ISMS is implemented and supported throughout the company through documentation and training
- Expand the scope of the ISMS to cover a broader range of our operations
- Ensure our security methods, tools and techniques stay abreast of developments in cyber security in order to deliver appropriate security for ourselves and our clients
- Work with operational staff to implement and maintain security methods and tools in delivery of our projects and services to clients
- Liaise with clients and potential clients to assist in their vendor assessments and identify and agree, internally and with the client, where additional procedures or tool implementations are required to meet specific client requirements
- Review new application and system implementation plans for compliance with our standards and review any subsequent changes that might impact security posture
- Sign off purchase requests for technology software, systems and services to ensure compliance with our Information Security Management System
- Manage Vendor assessments for our sub-contractors
Skills and Requirements
- Experience operating in a senior management or director level role in information security
- Experience in working in a service provider environment
- Experience working with cross-functional and geographically diverse teams
- Building and running an ISO 27001 and PCI or other security environment
- Understanding of all aspects of security including physical, access control, network security, personnel, business continuity, application design, vulnerability management and penetration testing
- Degree or higher level qualification in computing or related technologies
- CISSP or CISA qualification or similar