Head of Information Security

Job Description

We have an exciting but extremely challenging opportunity for a Head of Information Security to join the organisation at a time of significant and transformational change. As Head of Information Security, you will lead the best practice development, implementation and continual improvement of a pragmatic, sustainable, organisation wide Information Security capability that enables the business through protecting intellectual property, information systems and our people whilst ensuring regulatory and organisational compliance.

Reporting to the IT Director, the Head of Information Security will play a pivotal role supporting the successful diversification of our business from solely being a F1 Team to a Technology Company, with F1 at the heart, expanding into new markets and serving both internal and external customers. The scope is wide - security strategy, security architecture and operations, risk management, policy development and compliance, user education, stakeholder management and governance, but the opportunity, vast.

Leading by example, the successful candidate will need to be able to balance the demands of leading and doing, must be prepared to be hands on, be able to engage the business and deliver just enough process that unlocks inefficiencies and helps deliver performance improvement through lap time and the bottom line.

Key Accountabilities

• Definition and development of an overarching Information Security strategy to build a best in class, sustainable Information Security practice.
• Designing, building and maintaining an effective Information Security Management System which enables our business and adds value to our day to day operations.
• Owning IT Risk which includes: creating a Risk Charter, Risk Register and supporting IT Risk processes, helping to identify , classify, rate and mitigate IT Risks whilst advising and embedding a culture of risk awareness across the IT and wider team.
• Managing the production of effective Information Security and IT Risk KPIs and metrics to demonstrate both the value that Information Security and IT Risk Management is providing the business, whilst also highlighting opportunities for further improvement.
• Assessing the security posture of third party recipients of MGP data and assisting the business to operate in a manner which is complaint with data protection laws.
• Create, deliver and continuously improve an end user educational program to raise awareness and understanding of Information Security and associated cyber/security risks.
• Contribute to the wider IT Strategy and help define and develop appropriate processes and policy documents.
• Build and influence effective relationships within the IT team and wider business at all levels ensuring a unified approach, plan and strategy.
• Be the champion and Subject Matter Expert for Information Security and IT Risk within the business.

Candidate Profile

• A self-motivated leader with a keen eye for detail who takes great pride and satisfaction in getting things done.
• Experience developing and implementing practical information security policies, processes, procedures and standards.
• Significant and demonstrable experience of building control/compliance frameworks from the ground-up.
• An enabling mindset to balance risk v reward and deliver enabling outcomes that meet business needs rather than the letter of the law.
• Any of the following certifications: CISSP, CRISC, CISM
• Strong, confident, self-motivated and capable of leading a cultural change within the business to embrace Information Security and IT Risk.
• Knowledge of ITIL, TOGAF, ISO27001 management frameworks.
• Demonstrable experience of managing IT Risk and Cybersecurity programs.
• Experience of working in a fast-paced environment with continual demands and changing priorities.
• A creative problem solver who is not afraid to try new things to deliver better outcomes.
• Embody our values of Passion, Respect, Innovation, Determination and Excellence incorporating them into the everyday language of the team.
• Excellent planning, communication, influencing and negotiation skills.
• Calm under pressure and happy to meet challenging deadlines.
• Organised, flexible, proactive and results-oriented.

Benefits:

We demand the best from our people so it’s only right we reward them with the best benefits. That’s why we offer a competitive package, including: a generous bonus scheme, life assurance, private medical cover and 25-days holiday.