Our client is looking for a CISO to establish and lead security governance across a newly acquired business. You will define and implement a structured security framework, driving maturity from NIST Level 2 to Level 4, while aligning with the wider group.
This role is focused on building foundational governance, delivering a risk-led remediation programme, and establishing a sustainable in-house SOC capability.
Responsibilities
* Define and implement an information security governance framework aligned to NIST, with clear policies, standards, and controls
* Establish board-level visibility and accountability for security, including reporting structures and risk ownership
* Lead a structured remediation programme to address gaps identified in the NIST assessment, prioritised by business risk
* Design and embed GRC processes, including self-assessments, control validation, and audit readiness
* Define roles, responsibilities, and operating model for security across the business, ensuring clear ownership and decision-making
* Advise on the design and implementation of an in-house Security Operations Centre, including tooling, processes, and capability requirements
* Evaluate and rationalise security tooling to ensure it is effective, scalable, and manageable within the organisation’s maturity level
* Drive integration of the acquired business into the group’s wider security and IT governance model
* Educate and influence stakeholders across the organisation to improve security awareness and embed best practice
* Simplify and standardise security workflows to ensure consistency, efficiency, and long-term sustainability