About you
Do you thrive on shaping information security goals and setting the direction and vision of information security?
Does identifying potential security vulnerabilities across multiple platforms and planning remediation activity come as second nature to you?
Do you have the technical security expertise to increase the maturity level of information security operations?
Do you have a good track record of success in managing information and cyber security incidents and data breaches?
If so, then you could be just what we are looking for. Read on to find out more…
The role
As Head of Information Security, your role will be to develop, shape and update the Company’s information security capability, ensuring it remains secure against an ever-changing threat landscape.
Key responsibilities include:
1. Information security strategy
o Create and maintain the Company’s strategy, ensuring alignment to the Company’s strategy and business goals
o Communicate the information security strategy to relevant parties, providing assurance of policies, procedures, and systems
o Develop, maintain, and expand the information security management system (‘ISMS’)
o Responsible for the Company’s information security capability, ensuring it remains secure against an ever-changing threat landscape
2. Operational input
o Contribute to design and architectural decisions and improve approach to the Company’s threat modelling
o Lead on information security incidents and work directly with internal teams and external parties on containment and mitigation activities
o Execute threat simulations
o Assess emerging and potential security threats and act proactively to mitigate relevant threats
o End to end vulnerability management
o Manage security toolset.
Experience/qualifications
* Industry certifications such as CISSP, CISM, CISA, or equivalent
* Expert in information security
* Excellent knowledge of security frameworks, standards, and regulations, including ISO 27001, SOC 2, HIPAA, GDPR, etc
* Strong understanding of cloud security principles and best practices, particularly in AWS/Azure
* Experience in managing security incidents and leading incident response
* Good communication and interpersonal skills, with the ability to effectively communicate security-related questions to technical and non-technical stakeholders (employees, customers, or partners)
* Project management skills, with the ability to manage projects such as processes implementation and improvement, security systems implementation
* Ability to collaborate cross-functionally and influence stakeholders at all levels of the organisation
About us
Heywood combines a passion for software with Agile methodologies to create modern software and data solutions and services for businesses, pension providers and third parties that help transform how their members and customers manage their lifelong financial journeys.
We are committed to a hybrid working model, combining the best of remote and office-based working.
Job Types: Full-time, Permanent
Pay: £85,000.00-£95,000.00 per year
Additional pay:
* Performance bonus
Benefits:
* Bereavement leave
* Casual dress
* Company events
* Company pension
* Cycle to work scheme
* Enhanced maternity leave
* Enhanced paternity leave
* Free flu jabs
* Free parking
* Health & wellbeing programme
* Life insurance
* On-site parking
* Paid volunteer time
* Private medical insurance
* Referral programme
* Sick pay
* Work from home
Schedule:
* Monday to Friday
Work Location: Hybrid remote in Altrincham
#J-18808-Ljbffr