Senior Information Security Officer

  • Anywhere
  • Anywhere

Hays.

A global Investment Management firm is looking to add an outstanding Senior Information Security Officer to their successful team based in the City of London.

As the organisations Info/Cyber Security SME you will be responsible for enhancing and developing the security stance of the firm globally. You will be supporting the business in ensuring that the Info/Cyber Security tools and processes are fit for purpose and tailored to any impending regulatory or external changes.

Duties & Responsibilities:

  • Be responsible for managing the development and on-going implementation of the Information/Cyber Security strategy and objectives.
  • Build and implement an ISMS.
  • Enhance and develop existing policy and frameworks
  • Have ownership and day to day management responsibility for all Cyber Security systems, applications, policies and processes.
  • Staff education, awareness and training of cyber security risks and preventative actions are regularly delivered via multiple channels and a robust cyber security communication plan.
  • Perform security risk assessments, providing guidance on the implementation of all projects with information security implications across the company.
  • Implement and maintain KPIs and metrics to allow the monitoring of compliance with security policies and procedures against industry standard/best practice.
  • Network and partner with other organisations to improve knowledge and approach.
  • Carry out full security audits (internal and external with relevant suppliers) and ensure compliance and best practice is adhered to.
  • Act as a key stakeholder in the identification of cyber security risk and the design and introduction of appropriate controls and mitigation.
  • Implement and improve procedures and processes to optimise information security effectiveness. The role will also include the management of cyber security incidents from second-line investigation through to resolution.
  • Ensure compliance with ISO27001, PCI DSS v3.2.1, GDPR, and other required FCA and broader global financial services compliance requirements
  • Supporting the implementation of security culture and embedding of security controls into business change and processes
  • Managing security for the allocated business units and teams to ensure programs are delivered and business operations are reviewed to identify high risk processes
  • Being the Interface between the business team and the broader technology teams internal and external
  • Assisting International level teams and capabilities to understand the business operations to enable security services to be optimised for all areas
  • Driving security awareness and education throughout the business units. Win hearts and minds and maintain a security culture
  • Proactively coordinating Cyber risk resolution
  • Supporting Security Solution engagement in Change Programs
  • Promote and champion best practices for Cyber Security, Risk Management, ITIL and service delivery

Experience and Qualifications Required

  • CISSP
  • 10 yrs minimum Cyber Security experience
  • Broad IT security management knowledge, skills and experience
  • Microsoft Windows Servers, Azure, O365 Security and Compliance
  • Data Leakage prevention experience
  • Forensic Investigations and Risk Management experience
  • Amazon Web Services (EC2, S3 & WAF) experience
  • Proven ability to build relationships with senior business and security stakeholders.
  • Excellent communication skills that can transcend technical and non-technical audiences
  • Experience with implementing or managing risk management processes and tools
  • The ability to work in a constantly changing and fast paced environment. Strong team ethic combined with determined approach to ensure completion of work
  • Relevant degree and professional security qualifications (alongside CISSP) such as CISA or CISM preferred or willingness to study for professional security qualification
  • Change management and information security risk & governance experience
  • Experience of compiling information for the purposes of internal and external audits/ regulatory commitments
  • Relevant cyber and security experience in financial services industry with a clear understanding of the relationship between risk and commercial requirements

Please send through an application if this sounds like a suitable role, one of our team will be in touch with the suitable individuals in due course.

To apply for this job please visit www.cybersecurityjobsite.com.

To apply for this job please visit www.cybersecurityjobsite.com.

Contact us

Hays.

Related Jobs