Chief Information Security Officer (CISO)
Great opportunity to work with a leading organisation at an exciting time
Must have strong IT team and people leadership experience within FS
About Our Client
A well-backed organisation with incredibly exciting plans to grow and develop into the most secure entity in the region.
- Comply with the organisation's security policies, standards, and regulatory requirements.
- Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program, thus supporting business outcomes.
- Work with the vendor management office to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations.
- Manage the security program, architecture, design, and IAM processes for the employees.
- Create and manage a targeted information security awareness training program for all employees, contractors and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.
- Determine the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas.
- Manage the budget for the information security function, monitoring and reporting discrepancies.
The Successful Applicant
- Minimum of 13 years of experience in a combination of risk management, information security and IT jobs (at least three of which must be in a senior leadership role)
- Master's degree with a security focus.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
- Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment
- Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
- Experience with contract and vendor negotiations
What's on Offer
- Transformation and leadership role
- Opportunity to build and develop your own Security function, developing the strategy and roadmap yourself
- Opportunity to work for an organisation with ambitious plans within their market and for investment in Security