Head of IT Security

Job description

The Head of IT Security is pivotal in advocating the value of IT Security governance, supporting the group in embedding a risk and compliance aware culture. 

This opportunity will see you supporting the technology team to understand risk and compliance in the context of day to day operations in a financial services environment

You will be managing one person and this role will require to performs hands-on technical activities

Responsibilities

• Security operations: Real-time analysis of immediate threats, and triage
• Cyber Risk and Cyber intelligence
• Data Loss and Fraud Prevention
• Security Architecture: Planning, procuring, and rolling out security hardware and software, and
• making sure IT and network infrastructure is designed with best security practices in mind
• Identity and Access Management: Ensuring that only authorised people have access to restricted data and systems applied to both - on premise and cloud-based systems
• Maintain and execute the Security Strategy: Keeping ahead of security needs by implementing
• programs or projects that mitigate risks
• Vulnerability management: Ensuring systems are regularly patched and securely hardened
• Governance: Responsibility maintain and regular update of the relevant policies, standards and
• procedures
• Risk and Compliance: Implement information security controls to protect its information assets in a
• timely manner and commensurate with its information security risk
• Maintaining regulatory compliance to all relevant and applied standards (e.g. CPS234 & PCIDSS)
• Identifying, assessing, monitoring and escalating as appropriate cyber security threats

Skills required

• Significant Cyber Security and leadership industry experience in similar role that demonstrates a capacity to effectively lead the Cyber Security function
• Demonstrable experience implementing and maintaining Compliance to CPS234 and PCI DSS.
• Experience conducting risk assessments to industry standards
• Previous experience in the finance Industry
• Demonstrable leadership and mentoring skills
• Ability to design, implement and execute Security Controls
• Experience in writing and imbedding Security Policies and Standards
• Experience in managing security Incident Responses
• Hands on technical skills in security technologies are highly desirable – vulnerability management, threat hunting, SIEM, single sign on, Web Application Firewall
• Working knowledge and understanding