Head of Information Security IT · London · Hybrid Remote

This role will work closely with the company’s Legal and Finance teams on matters of compliance, risks and fraud prevention.

You’ll be;

• Developing and ImplementingInformation Security Strategy: Designing and executing a comprehensive Information Security strategy to protect the company’s information systems and digital assets.
• Managing Risk: Identifying, assessing, and mitigating Information Security risks across the organisation. Conducting regular security risk assessments and audits.
• Responding toIncidents: Leading the incident response team to quickly and effectively respond to security breaches and incidents. Developing and maintaining incident response plans and protocols.
• Trained InSecurity Awareness: Developing and delivering Information Security awareness training programs for global employees to promote a culture of security within the organisation.
• Leading ATeam: Mentoring a matrix team of cross functional IT professionals providing guidance and support to ensure the team’s success
• ManagingThird-Parties: Overseeing and coordinating with third-party Information Security Operations Centre (CSOC) and Virtual Chief Information Security Officers (VCISO) to ensure alignment with the company’s Information Security strategy and goals.
• Experienced InCompliance and Governance: Ensuring compliance with relevant Information Security regulations and standards (e.g., ISO27xxx / Cyber Essentials, DPA 2018, GDPR, CCPA , PIPL & CDSL & PCI-DSS). Developing and enforcing security policies and procedures.
• Managing Vendors: Managing relationships with external vendors and service providers, ensuring that their security practices meet company standards.
• Experienced WithTechnology Oversight: Evaluating, implementing, and managing security technologies and tools to protect the organisation’s digital assets.
• Able ToCollaborate: Working closely with other departments (e.g., Legal, finance, compliance) to ensure a holistic approach to Information Security.
• Reporting: Providing regular reports to the Leadership Team (& occasionally the Board) on the status, KPIs and risks of the organisation’s Information Security posture and initiatives.

You’ll have;

• Experience: A minimum of 5-10 years of experience in Information Security, with at least 3 years in a leadership /senior role (preferably within the retail and e-commerce sector).
• The abilityto demonstrate awareness and skills via relatable experience anda formal degree in a related subject matter. A formal Infosec certification will also be beneficial.
• Technical Skills: A deep understanding of Information Security frameworks, technologies, and best practices. Proficiency in risk management, incident response and security operations.
• Leadership Skills: Proven ability to lead and inspire a security culture in cross-functional teams. Strong communication and interpersonal skills.
• Analytical Skills: Excellent problem-solving abilities and attention to detail. Ability to analyse complex security issues and develop effective solutions.
• The ability to be aAmbassador for adoption of security best practices in an open, approachable and business oriented manner. Being seen as a mentor and adviser within the business at all levels.
• Experience of oversight, design and management of security measures on ecommerce platforms
• Regulatory Knowledge: Familiarity with relevant global Information Security regulations and standards (e.g., GDPR, PCI-DSS).
• Third-Party Management Experience: Experience in managing third-party Information Security services, including CSOC and VCISO.

#JPKR

#JPKR