Job description
Job Title: Head of Information Security
Location: Hybrid
Duration: Perm
Salary: Up to £80k
Start Date: ASAP
Key Skills:
- Extensive experience in ISO 27001, including implementation, maintenance, and certification of an ISMS within a technology organization. Certification as an ISO 27001 Lead Implementer is advantageous.
- Proven track record of working with external UKAS-accredited auditing bodies, effectively managing and owning the ISO 27001 external audit program.
- In-depth experience as an internal ISMS auditor. ISO 27001 Lead Auditor certification is highly desirable.
- Practical experience with the application of controls and compliance standards, including PCI DSS and Cyber Essentials.
- Strong knowledge of IT security-related hardware, software, and vendor solutions, with the ability to apply best practice security principles to mitigate and manage risks.
- Solid understanding of network protocols and the secure software development lifecycle, including web and mobile applications. Experience in providing security sign-off on product design is essential.
- Extensive experience working with diverse teams across an organization to integrate and enforce information security requirements.
- Hands-on experience in implementing and maintaining a Privacy Information Management System (PIMS) in line with GDPR compliance.
- Experience working directly with customers to manage their compliance obligations, audits, and due diligence processes in a timely and organized manner.
- Exceptional organizational skills with the ability to oversee and maintain complex governance processes.
- Attention to detail is critical, ensuring all documentation is precise and error-free.
Skills:
- 4+ years of experience in an information security role, with a particular focus on ISO 27001.
- You are a self-motivated, logical thinker who can adapt to a busy environment, taking initiative to solve problems independently.
- You possess a naturally inquisitive nature paired with a positive attitude and a strong desire to learn and coach others.
- Your exceptional organizational skills allow you to manage your time and workload efficiently.
- You have a friendly and approachable demeanor but can be assertive when the situation calls for it.
- Ideally, you hold a degree in Computer Science, Information Security, or a related field.
- Professional qualifications in ISO implementation and auditing are highly regarded, though relevant industry experience and a proven track record are more critical.
- Direct experience in implementing and maintaining an ISMS, including leading one or more organizations through ISO 27001 certification, is essential.
- ISO 27001 Lead Implementer and Lead Auditor certifications are highly desirable.
- Experience with the following standards is beneficial: PCI DSS, UK Cyber Essentials Plus, ISO 27701 (Privacy Information Management), ISO 27017 (Cloud Security), ISO 9001 (Quality Management), and ISO 22301 (Business Continuity).