Purpose of the Role & Team Profile
The Information Security Lead, Mergers and Acquisitions (M&A) is responsible for directing the Information Security aspects of mergers and acquisitions activities, including due diligence, integration, and divestiture. The Information Security Lead, M&A will work closely with the M&A team, business units, and external partners to identify, assess, and mitigate information security risks and ensure compliance with expected policies and standards.
We are looking for a hands-on Information Security Lead with strong wide background in Information Security, and specifically in acquisition and divestments related to Information Security.
Key Areas of Responsibility:
* Manage the information security due diligence process for potential M&A targets, including conducting security assessments, reviewing security documentation, and validating security controls.
* Identify and prioritise security risks and gaps and provide mitigation strategies and action plans.
* Coordinate and execute security integration or separation activities
* Communicate and report on security status, issues, and risks to senior management and relevant parties.
* Develop and maintain security documentation, such as security plans, checklists, and guidelines.
* Manage the continuous improvement of the security M&A process and best practices.
* Develop and execute information security integration plans for acquired entities, ensuring alignment with the security strategy, architecture, and best practices.
* Coordinate the information security aspects of divestiture activities
* Provide information security guidance and support to the M&A team, business units, and external partners throughout the M&A lifecycle.
* Manage information security risks and issues related to M&A activities and escalate as appropriate.
* Monitor and report on the information security status and performance of M&A activities and provide recommendations for improvement.
* In addition to the responsibilities outlined above, the Information Security Lead, Mergers and Acquisitions will also be expected to support the CISO with other Information Security demand during downtimes, as needed.
The M&A Information Security Lead will work closely with the Group CISO and the Information Security Management Team
Key Outputs and Outcomes
* Thorough Information Security due diligence complete
* Identify and report on security risks and gaps
* Coordination and execute of Information Security integration or separation activities
* Deliver continuous improvement of the Information Security M&A processes
Measures of Success
* Successful completion of Information Security due diligence
* Information Security risks identified and reported earlier in the due diligence phase
* Manage the successful coordination and execution of Information Security integration or separation activities
* Delivered continued improvement of the Information Security M&A processes
Qualifications
What we're looking for
The ideal candidate profile will include the following points:
* 5+ years in a similar role in a large complex international organisation
* The ability to interact with Informa colleagues, build good relationships at all levels and across all business units and organisations, and the ability of influence stakeholders of all levels
* Highly self-motivated and directed, with keen attention to detail
* Good knowledge of Security frameworks including ISO27001/NIST/SANs
* Experience of working at scale across multiple technology and business domains
* Proven stakeholder management in large and complex business
* Demonstrated curiosity and innovative thinking with a passion for problem-solving
* Self-discipline and willingness to learn new skills, tools and technologies
* Excellent verbal and written communication skills
Candidates should be working in the security industry or certified if one or several areas of security, including Certified Information Systems Security Professional (CISSP), Certified
Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Systems Security Certified Professional (SSCP)
#J-18808-Ljbffr