A fantastic opportunity has arisen for a Head of Information Security to join our Information Solutions division. Job Purpose:
- The Head of Information Security will manage the team and undertake the daily tasks needed to facilitate the smooth running of the IT security estate within the wider organisation.
- Production and maintenance of all procedural documentation, as well as an input into architectural decisions will form part of the daily tasks.
- Ownership of the day to day security operations and cyber incident response, from both a process and technical level
- Responsible for risk identification and management of remedial activities for all Information Security concerns for the organisation
- Responsible for all aspects of Audits undertaken, both internal and external. The organisation is subject to ISO27001, ISO22301, Cyber Essential Plus and Sarbanes Oxley
- Responsible for the management of the Information Security Management System (ISMS)
- Line management of at least 1 direct report, weekly team updates, bi weekly 1-2-1’s, bi monthly appraisal updates.
- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
- Manage the evaluation process for third party supply chain partners from a cyber security risk perspective
- Manage any forensic or investigative activities for any Information Security incident / breach
- Lead the GDPR Subject Access Request process alongside the Data Manager
- Work with IT architect to provide active defence and proactive plans to security incidents.
- Manages security operations to include, SIEM, threat hunting, Antivirus, IDS and threat Intelligence
- Responsible for all areas of Cyber Security including Identity and Access Management, Alerting & Monitoring, security tools and cyber processes, vulnerability management, assets and software development security as well as security infrastructure
- Demonstrable IT Security Operations management experience and delivery of results.
- Demonstrable experience in creating and operating and ISMS certified to ISO27001
- Advanced security qualifications such as Security +, CEH, GCIA, GCIH, CISSP or similar
- Proven knowledge and or qualifications for end point and networking security solutions
- Experience and understanding of sound networking principles.
- Experience of designing and implementing off-the-shelf and bespoke security tooling such as anti-virus, data loss prevention, web application firewalls, firewalls, VPN, etc. – Namely: Palo Alto, Blackberry Cylance, SonicWall, Microsoft DLP and AIP
- Requirement for UK wide travel
- Requires regular overtime working
To apply for this job please visit www.cybersecurityjobsite.com.