Deputy CISO

Recruiter: Confidential
Location: Preston
Salary: Competitive
Posted: 21 Jun 2021
Closes: 19 Jul 2021
Sectors: IT
Contract Type: Permanent
Hours: Full Time

Deputy CISO required by my global client. Due to a major increase in workload, my client is looking for an experienced Information Security professional to join their organisation and become the Deputy Chief Information Security Officer. This is a critical role for the business and they need someone who has a minimum of 7 years' hands-on experience in a senior Information Security role. This is a company where you can have a real career rather than just a job.

Your responsibilities will be as follows:

• Implement Governance, Cyber Security and Privacy frameworks to meet legal and regulatory requirements.

• Provide leadership for the development of modern cyber security, governance, policies and standards which are relevant and achievable.

• Liaise with Company leadership to ensure alignment of Cyber Security and compliance initiatives with business objectives.

• Foster the execution of cyber security as a business enabler.

• Create and design overarching policies such as the corporate compliance policy, security compliance and risk policy, product security policy, information security policy, security audit and change policy, corporate audit and change policy and any other relevant policy.

• Ensure sub-policies, processes and procedures are aligned with corporate guidelines and regularly reviewed.

• Create and manage a corporate compliance register, supplier register, contract register & risk register ensuring alignment with departmental versions.

• Create and manage a corporate governance pack that will formalise risks, document control, processes, objectives etc.

• Take part in and monitor external audits and surveys including ISO and Denison.

• Perform regular information audits across the business ensuring compliance with GDPR/PECR.

• Represent the company at tech events, industry forums and government bodies.

• Analyse the changing market environment and ensure product roadmaps are aligned with governance and security requirements.

• Assist with the internal SDLC processes and monitor any issues, vulnerabilities or compliance notifications in development, creating adequate quality gates to monitor products.

• Ensure Open Source Governance Standards are maintained, licences reviewed, and obligations fulfilled.

• Monitor the external threat landscape and produce reports detailing the risks to the business.

• Ensure BCDR Plans have been created and are regularly tested.

• Monitor patch releases and ensure IT and Service Ops are kept up to date on any risks.

• Ensure Pen Testing takes place to highlight any security issues with products and manage any remediation activities that need to occur.

• Perform security audits, BCDR audits, risk assessments and change reviews identifying any areas for improvement and managing the remediation activities.

• Set up and maintain an internal audit programme ensuring companywide oversight.

• Act as the company's Data Protection Officer.

• Manage and mentor a team of security and compliance practitioners.
