Head of Information Security

Job Ref: 50183015
Sector: Audit, Risk & Security
Date Added: 15 June 2017
  • Telford, Shropshire, England
  • £1 per Annum
  • Tiffany Lingham
  • 0207 654 1407

A permanent opportunity has arisen for a Head of Information Security to join a team in Telford with our client, a Re-insurer and leading provider of closed life policies.

Key Skills / Experience of the Head of Information Security:

  • Information Security Management certification (e.g. CISSP, CISM)
  • Full understanding of Security Standards (e.g. ISO/IEC 27001/2) and regulatory compliance requirements (DPA)
  • Experience of working with 3rd party regulators and clients
  • Strong stakeholder experience
  • Ability to communicate to the business, translating IT language into business language.
  • Information Security Management preferably in the financial sector (a bonus)
  • Dealing with external client reviews/audits of security practices
  • Experience of Payment & Asset Transfer systems and those that process data protection relevant information

Key roles and responsibilities of the Head of Information Security:

  • Ensure that the InfoSec requirements are suitably represented in group-wide InfoSec policy, standards and guidelines. Define and develop additional guidance where requirements may significantly differ.
  • Implement across the company the InfoSec policy, standards and guidelines.
  • Monitor, measure and report on compliance with the Policy.
  • Provide awareness and training on the Policy, Standards and related InfoSec topics.
  • Ensure Information Security issues are appropriately reported and dealt with accordingly.
  • Establish and maintain an InfoSec function to ensure that information assets are adequately protected with appropriate controls and mitigating actions to manage risk in line with risk threshold and industry good practice.
  • Develop and implement key metrics on Information Security to facilitate effective management and decision making.
  • Ensure that appropriate information security due diligence of all key services hosted internally and/or provided by 3rd party vendors is carried out.
  • Actively manage information security activities to address emerging, existing and evolving threats and vulnerabilities appropriately.
  • Select and manage 3rd party security vendors engaged to provide additional and/or specialist support (i.e. penetration testing facilities, infrastructure hosting, application services).

The company values Agility, Team Spirit, Passion to Perform, Integrity and Customer Centricity. These values are at the heart of the company and provide the foundations for the way it conducts its business.


We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender reassignment, marriage and civil partnerships, pregnancy or maternity or age.