Head of Information Security
Required for an online retail business. The role will initially focus on ISO 27001 and ISO 9001 recertifications.
Responsibilities
1. Lead on information security strategy and implementation of security roadmap.
2. Develop security KPIs and track their progress.
3. Advise senior management on risk levels and any changes impacting security posture, including emerging threats.
4. Create, maintain, and implement information security policies.
5. Continuously validate the firm against policies and procedures to ensure compliance with ISO 27001, ISO 9001, Cyber Essentials+, and GDPR.
6. Manage and continuously improve the firm's Information Security Management System.
7. Oversee the information security training and awareness program.
8. Lead internal and external audits and track findings through to mitigation.
9. Identify and communicate emerging security threats with relevant stakeholders.
10. Provide security due diligence in procurement processes and oversee ongoing supplier assurance.
11. Manage security incidents and coordinate incident response processes.
12. Select and implement GRC controls and assist in the selection and implementation of security technologies.
13. Identify security requirements specific to IT systems throughout their lifecycle.
14. Develop or enhance security procedures to mitigate potential threats.
15. Ensure cybersecurity requirements are embedded into new programs of work.
16. Provide management and mentorship to security teams and staff.
17. Create and lead the Security Operations Centre (SOC), ensuring real-time monitoring and incident response.
18. Drive security awareness training and GRC initiatives.
19. Report to senior stakeholders on threats, compliance gaps, and mitigation progress.
20. Conduct risk assessments, maintain risk registers, and develop risk treatment plans.
21. Support vulnerability management processes, assess risks, and prioritize remediation efforts.
22. Lead ISO 27001 and ISO 9001 audits and ensure GDPR compliance.
23. Support IT projects by managing controls, providing guidance, and assessing risks.
Ideal candidates will have a proven track record of leading organizations through ISO 27001 and ISO 9001 certifications. ISO 27001 Lead Implementer or Lead Auditor qualifications are essential.