Job Description
Head of Information Security required for an online retail business. The role will initially be focused on ISO 27001 & ISO 9001 recertifications.
Responsibilities
1. Lead on information security strategy and implementation of the security roadmap
2. Develop security KPIs and track their progress
3. Advise senior management on risk levels and any changes impacting security posture, including emerging threats
4. Create, maintain, and implement information security policies
5. Continuously validate the firm against policies and procedures to ensure compliance with ISO 27001, ISO 9001, Cyber Essentials+, and GDPR
6. Manage and continuously improve the firm's Information Security Management System
7. Oversee the information security training and awareness program
8. Lead on internal and external audits and track audit findings through to mitigation
9. Identify emerging security threats and communicate them to relevant stakeholders
10. Provide security due diligence in procurement processes and oversee continuous supplier assurance
11. Manage security incidents and coordinate incident response processes
12. Select and implement GRC controls and assist in the selection and implementation of information security technologies
13. Identify security requirements specific to an information technology (IT) system in all phases of the system life cy...