Head of Information Security
Posted 10 days 8 hours ago by Bestmansolutions
Our client is a forward-thinking, customer-focused firm committed to safeguarding their information assets. As they expand their Cyber Security function, they are seeking a dynamic and experienced Head of Information Security to join their team. This role is pivotal in supporting the Chief Information Security Officer (CISO) and ensuring the enterprise's information security management program is robust and effective.

About the Role

As the Head of Information Security, you will play a crucial role in protecting our client's information assets and ensuring compliance with regulatory requirements. You will deputize for the CISO in all areas of Cyber Security, identifying, evaluating, and reporting on information security risks. This senior role demands a strong knowledge of information security technologies and the ability to work closely with executive management to determine acceptable levels of risk.

Key Responsibilities:
- Support the CISO in achieving the Information Security vision, governance, strategy, and roadmap.
- Develop, maintain, and publish up-to-date information security policies, standards, and guidelines.
- Oversee vendor risk management and assess risks from partners, consultants, and other service providers.
- Manage and enhance information security and risk management awareness training programs.
- Provide regular reporting on the status of the information security program to senior business leaders and the board of directors.
- Develop and implement an information security management framework based on ISO 27001 and NIST Cyber Framework.
- Manage security incidents and events to protect corporate IT assets and the company's reputation.
- At least five years of Cyber Security experience as a manager.
- Strong understanding of the business environment and ability to maintain secure information systems.
- Proven experience in defining and managing SOC services.
- Excellent communication skills and ability to present to senior business leaders and boards.
- Knowledge of information security policies, standards, and frameworks (ISO 27001, NIST).
- Experience with vendor risk management and training programs.
- Ability to manage complex security incidents and events.