Director of Security - Anywhere in the UK

IT/Information/Cyber Security
Ref: 133 Date Posted: Monday 03 Oct 2022
Company: Health Tech
Location: Home based - must be able to get into Milton Keynes for meetings
Reports to: CFO
Salary: £90,000-£110,000
The Role
As the Director of Security, you will lead Cyber Security, Information Security and Compliance functions. This is a senior management role built on relationships, strong domain knowledge and operational experience of security in modern digital services.
Key Responsibilities:
• Maintain a security strategy which allows cyber and information risks to be managed effectively.
• Maintain and ensure adoption of security risk governance, policies, and processes.
• Maintain appropriate and proportionate operational security controls to reduce risks to an acceptable level.
• Ensure that cyber and information security threats, vulnerabilities, and risks to the organisation are regularly re-assessed and re-evaluated.
• Ensure that the risk to information held by suppliers and third parties is managed effectively.
• Maintain capability for cyber and information security incident management to limit the business impact from incidents and to prevent them from re-occurring.
• Ensure that legal, regulatory, and commercial compliance obligations are maintained and evidenced.
Essential Criteria:
• A track record of successful security leadership, driving continued development and innovation in Cyber Security and risk management.
• Experience of implementing and maintaining security in cloud-based digital services organisations.
• Experience of managing, leading, and developing teams using permanent and 3rd party providers.
• A willingness to take a hands-on approach when appropriate.
Desirable criteria:
• Familiarity with the NCSC and/or NHS suite of security policies, guidance, and standards.
• Experience in using good practice standards such as ISO 27001 (Implementation, Compliance, Certification, and audit reviews).
• Experience of working in a digital services or software development organisation.
• A background of Security Architecture.
Skills and Abilities:
• Ability to think commercially and strategically.
• Excellent team leadership skills and behaviours.
• Commercially focused with an understanding of the operations which impact a business and how risk is managed optimally for the business, customers, and other stakeholders.
• Strong presentation, written and oral communication skills.
• Strong numeracy and analytic skills informing evidence-based decisions.
• Excellent interpersonal skills, able to influence, build and maintain strong working relationships with a wide range of stakeholders; collaborative and consultative.
• Enthusiastic, motivated, adaptable, and proactive with the ability to work flexibly in a changing environment.
You will hold one or more of the following qualifications (or equivalent):
• Certified Information Systems Security Professional (CISSP).
• SABSA Chartered Security Architect - Foundation Certificate (SCF).
• Certified Information Security Manager (CISM).