Chief Information Security Officer – CISM / CISSP

  • Full Time
  • Location: Staines
  • Salary: Unspecified

Lorien

With over 40 years’ experience working with professionals of all levels and organisations of all sizes, Lorien has an established reputation for delivering high-quality, market-leading recruitment solutions.

I am currently recruiting for a CISO based in Staines on a 6-month contract for a global IT service provider. The role holder will be working on a project with a leading utilities company.

The role will be predominantly Staines-based but will require frequent travel to Bracknell. It will also offer the opportunity for occasional working from home.

Role Summary:

The Chief Information Security Officer (CISO) is a member of the account leadership team responsible for all security aspects of the delivery to the associated account/customer, live service, design, development, integration, implementation and performance of the customer solution(s) – typically leading a team of Information Security Managers, Security Consultants, Security Architects, Security Analysts and Security Auditors either directly or via a matrix management relationship.

The CISO works closely with the relevant Delivery Executive, Service Director, Program Director, Chief Technical Architect and Security Sales lead to review existing and new services to see how these may impact security delivery from an operational and financial perspective. The CISO will develop and implement a Security Strategy with the leadership team.

The CISO works closely with the customer security lead on all security matters relating to services provided, future service technologies/threats and the service portfolio.

Responsibilities:

  • Responsible for all security-related policies and guidelines applicable at a customer account level.
  • Responsible for all aspects of IT security, including technical, operational, procedural.
  • Support Programme teams by ensuring technical security, governance and data quality requirements are contained within the solution designs and delivery is appropriately tested.
  • Oversight for any third parties delivering services to the assigned account to ensure they meet required security standards.
  • Responsible for security policy and working practices.
  • Ensuring alignment of Solutions (offering, bid or account) and approaches to our clients Security policies (EMEIA Security policies), Principles and Standards.
  • Ensure ISMS and policy/process sets are kept up to date as requirements change.
  • Own Security Improvement plan.
  • Attend and provide regular security meetings with the customer, producing minutes and action plans when appropriate.
  • Responsible for the day-to-day security and audit mechanisms of the customer’s systems including managing controls, auditing or security breaches in accordance with customer contractual or legislative requirements.
  • Responsible for any IT Health checks.
  • Responsible for a monthly security report to be delivered to the account.
  • Produce internal monthly summary report to ECS leadership team.
  • Be an active member on leadership change board.
  • Responsible for all areas of Security Risk management as defined in the service contracts.
  • Communicate risks in business language stakeholders understand.
  • Defining the information security risk assessment approach (in line with customer contract and corporate standards).
  • Analysis and evaluation of information security risks and evaluating options for the treatment of risks.
  • Apply a strong appreciation of the business context to IT risk.
  • Maintain a security risk register, escalating significant security risks to the leadership team in Security/Account(s) (may be part of an account risk plan).
  • Ensure timely mitigation of risk.
  • To be a senior point of escalation for account and customer issues regarding security.
  • Accountable for the appropriate management of security incidents and events.

Qualifications:

  • CISM / CISSP
  • CISMP
  • Lead Implementer 27001
  • NCSC Certified practitioner (Desirable)

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender reassignment, marriage and civil partnerships, pregnancy or maternity or age.
