Director of IT Security
£120,000 - £150,000
Hybrid (2 days in office is the norm)
Setting up something new, with loads of exciting challenges and as-yet unknowns! In this role, you can pretty much create and deliver an IT security strategy and roadmap, from scratch.
The responsibilities:
This is about defining, owning and delivering an IT Security strategy to keep a fast-paced consumer services and retail business secure and safe in increasingly challenging times.
Success is a suite of practical and simple security policies and processes, the right technology managed correctly, the right people working within a culture of pragmatic and effective security awareness.
The role in more detail:
* Leading the development and implementation of the company’s IT security strategy.
* Overseeing the protection of company data, intellectual property, and technology assets.
* Developing and enforcing security policies, procedures, and protocols.
* Identifying and mitigating security risks, ensuring the organisation remains resilient.
* Ensuring the company’s compliance with industry standards and regulations.
* Managing security audits, compliance assessments, incident response processes, and investigating security breaches.
* Managing 3rd party relationships, specifically the outsourced SOC.
* Staying updated on cybersecurity trends, technologies, and best practices to enhance security measures proactively.
We are seeking skills and experience in:
A similar leadership capacity - we need experience and will in turn give you the freedom to act and make changes.
Thorough understanding of standard security frameworks such as NIST and ISO.
Qualifications help (though they aren't essential), e.g. CISSP, CISM, CISA.
We are a hybrid team, working together in the office with flexibility and respect for one another's time.
2 days / week is the norm.
If you are interested in learning more, please get in touch: MandyKettle@UnitingAmbition.com
All communication is in the strictest confidence.
Thank you
*InfoSec, Information Security, CISM, CISSP, ISO/IEC27000, GDPR, PCI DSS, Incident Management, SoC, 3rd party management