Heywood Altrincham, England, United KingdomHead of Information SecurityHeywood Altrincham, England, United KingdomThis range is provided by Heywood. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.Base pay rangeDirect message the job poster from HeywoodAbout YouDo you thrive on shaping information security goals and setting the direction and vision of information security, specifically in a hybrid cloud environment?Does identifying potential security vulnerabilities across multiple platforms and planning remediation activities come as second nature to you?Do you have the technical security expertise to ‘shift left’ when it comes to increasing the maturity of information security operations as part of cloud development?Do you have hands-on experience managing information, cybersecurity incidents, and data breaches?If so, then you could be just what we are looking for. Read on to find out more…The RoleAs Head of Information Security at Heywood, your role will be to develop, shape and update the Company’s information security capability, ensuring our hybrid cloud environment remains secure against an ever-changing threat landscape.Key responsibilities include:Information security strategyContinue to develop the Information Security Strategy, ensuring alignment to the Company’s IT strategy and business goals and create the required metric reporting to track progress to be presented to the BoardCommunicate the information security strategy to relevant parties, as well as developing supporting policies and procedures required to meet the strategyDevelop, maintain, and expand the Cyber Risk Management Framework as part of the overall Information Security Management System (“ISMS”)Responsible for the Company’s information security capabilities, including the technical training and awareness of colleagues, ensuring it remains prepared against an ever-changing threat landscapeWork with the other department heads to develop a security community and security conscious culture.Operational inputContribute to design and architectural decisions and improve the approach to the Company’s threat modellingLead on information security incidents and work directly with internal teams and external parties on containment and mitigation activities, as well as preparing for incidents by running threat simulations, tabletop and red team exercisesAssess emerging and potential security threats using the Cyber Risk Management Framework and act proactively to mitigate relevant threatsEnd-to-end vulnerability management across the hybrid cloud environmentManage security toolset, including managing the relationship with the third-party provided SOCProvide security reviews of new technologies to support business strategy such as AIProvide a standard assurance response to customers regarding our security postureSupport bid and tender responses by providing relevant information.Preferred skills, qualifications and experienceIndustry certifications such as CISSP, CCSP, CISM, or equivalentExpert in information securityStrong understanding of cloud security principles and best practices, particularly in AWSExperience in managing security incidents and leading incident responseExcellent knowledge of security frameworks, standards, and regulations, including ISO 27001, SOC 2, HIPAA, GDPR, etc.Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, and/or partners)Project management skills, with the ability to manage projects such as processes implementation and improvement, security systems implementationAbility to collaborate cross-functionally and influence stakeholders at all levels of the organisation.About usHeywood combines a passion for software with Agile methodologies to create modern software and data solutions and services for businesses, pension providers and third parties that help transform how their members and customers manage their lifelong financial journeys.Working for an expanding established market leader, you will have a real voice to influence our evolution. Continued learning and progression is ingrained in our daily life, encouraged through a variety of forums from e-learning subscriptions and a monthly down-tools day (“Hive Day”) and communities of practice for learning and experimentation. Our open culture encourages wide participation and innovation.We also reward our hard work through regular socials, organised by our people. Socials events include fiercely competitive bake-offs, Pride month office parties, sporting events, games nights and much more!We are committed to a hybrid working model, combining remote and office-based working.Discover more at https://www.heywood.co.uk/careersEDI statementAs an equal opportunities’ employer, Heywood is committed to the equal treatment of all current and prospective employees and does not condone discrimination on the basis of age, disability, sex, sexual orientation, pregnancy and maternity, race or ethnicity, religion or belief, gender identity, or marriage and civil partnership.We aspire to have a diverse and inclusive workplace and strongly encourage suitably qualified applicants from a wide range of backgrounds to apply and join Heywood.Legal stuffhttps://www.heywood.co.uk/privacy-notices#jobapplicantprivacynoticeSeniority levelSeniority levelMid-Senior levelEmployment typeEmployment typeFull-timeJob functionJob functionInformation Technology, Strategy/Planning, and Quality AssuranceIndustriesSoftware Development, Professional Services, and Financial ServicesReferrals increase your chances of interviewing at Heywood by 2xSign in to set job alerts for “Head of Information Security” roles.Head of Cyber Security Governance, Risk and ComplianceManchester, England, United Kingdom 2 months agoHead of Cyber Security Governance, Risk and ComplianceManchester, England, United Kingdom 2 weeks agoManchester, England, United Kingdom 2 months agoManchester, England, United Kingdom 6 days agoManchester, England, United Kingdom 1 week agoCyber Security Governance Senior ManagerManchester, England, United Kingdom 2 months agoEllesmere Port, England, United Kingdom 3 days agoCyber Security Governance Senior ManagerManchester, England, United Kingdom 4 days agoGreater Manchester, England, United Kingdom 3 months agoManchester, England, United Kingdom 3 weeks agoManchester, England, United Kingdom 1 week agoRuncorn, England, United Kingdom 2 weeks agoBolton, England, United Kingdom 2 days agoActemium Design - Senior / Principal Mechanical EngineerChorley, England, United Kingdom 5 months agoWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr