Director of Information Security

Director of Information Security - 2 days a week in London

This is a genuinely exciting time to join a business going through a significant technology transformation. You will have the opportunity to structure the information security department from the ground up whilst remaining hands on and driving change from the top down.

• Enable business growth while providing assurance and value through risk reduction, embedding security at the heart of everything we do.
• Will help to curate an open and honest culture of security awareness and consult Group wide on all things Security.
• Will take ownership of human security in its fullest guise including training, awareness, secure remote working and access management.
• Ensure we have robust endpoint security and protection of corporate devices through centralized management.
• Understands and owns code security, including static analysis, secure software development lifecycle and application security, including dynamic analysis, penetration test and vulnerability management.
• Support the wider technology team on infrastructure security, using cloud native tooling (AWS Security Hub, Guard Duty; Azure Defender and Sentinel)
• Has an understanding of M&A due diligence and corrective programmes to harmonise approach across the wider Group.
• Will ensure clear and audited third party vendor risk management
• Will ensure we meet regulatory compliance with GDPR, DORA and NIS2 etc.
• Manage all internal IT (from onboarding, offboarding and asset security) whilst maintaining a suitable security program to achieve relevant industry security certifications including ISO 27001 and Cyber Essentials Plus