Job Description Head of Information Security required for online retail business. The role will initially be focused on ISO27001 & ISO9001 recertifications.
Responsibilities
Lead on information security strategy and implementation of security roadmap
Develop security KPIs and track their progress
Advise senior management on risk levels and any changes impacting security posture, including emerging threats
Create, maintain, and implement information security policies
Continuously validate the firm against policies and procedures to ensure compliance against ISO 27001, ISO 9001, Cyber Essentials+, and GDPR
Manage and continuously improve of the firms Information Security Management System
Oversee the information security training and awareness program
Lead on internal and external audits and track audit findings through to mitigation
Identify and communicate emerging security threats with relevant stakeholders
Provide security due diligence in procurement processes and oversee continuous supplier assurance
Manage security incidents and coordinate incident response processes
Select and implement GRC controls and assisting in selection and implementation of information security technologies
Identify security requirements specific to an information technology (IT) system in all phases of the system life cy...