Group Head of Information Security - £#removed#K + exceptional package & bonus
One of the UK and Europe's leading entertainment companies is hiring a Group Head of Information Security. This company is a household name in the UK and across the continent with 208 facilities across 8 European countries, including a market-leading footprint and global HQ in London.
The Group Head of Information Security will design and implement robust, global information security solutions to protect our people, customers, systems, and data. You will have overall responsibility for creating, refining, and embedding information security policies and processes and providing support, education, and security training to the wider business.
Key Accountabilities
Strategic Security Management
1. Develop and maintain the company's overarching security strategy, encompassing cyber security, data protection, and privacy standards.
2. Drive the implementation or ongoing improvement of key security initiatives, with an in-depth technical knowledge of digital, infrastructure, and cloud-based security frameworks.
3. Develop and embed best practices for identity and access management, particularly in adapting security strategies to cloud architectures.
4. Create and manage security baselines and enforce secure network designs and firewall management across all territories.
5. Collaborate with all territories' technology teams to ensure secure system and network architectures and establish risk management protocols, including TS risk maps and registers for each territory.
Incident Management & Response
1. Oversee and refine incident response capabilities to manage security breaches and crises effectively, limiting operational impacts and guiding the return to a normalized service.
2. Act as the escalation point for cyber incidents, perform root cause analysis, and implement corrective actions to mitigate recurrence.
Policy Compliance & Risk Management
1. Develop and maintain information and cyber security policies and procedures, ensuring compliance with industry standards and regulations such as NIST CSF.
2. Support our data privacy policies and wider requirements inclusive of data loss prevention (DLP) measures, cryptographic controls, and the secure handling of sensitive information.
3. Lead and manage external and internal security audits and technical assessments, including top-down control framework assessments and bottom-up technical testing.
4. Engage and inform senior leaders and stakeholders on security posture and data protection strategies, providing informed recommendations that safeguard company data, systems, and services.
5. Collaborate with the legal, data protection, and internal audit teams to ensure an aligned and comprehensive approach to data privacy and cyber security.
6. Manage relationships with outsourced SIEM, SOC, and SECOPS providers to optimize security operations and ensure robust vulnerability management.
Technical Knowledge & Experience
1. Senior-level experience in information and cyber security, with proven accountability in a fast-paced, multi-territory, and multi-site environment.
2. Experience in a customer-facing industry such as retail, leisure, or hospitality is preferred.
3. Proficient in technical controls, SOC workflows, and SIEM systems, with experience managing outsourced security operations and technology partners.
4. Strong foundation in security engineering and protocols, network security, and compliance frameworks such as ISO27001, GDPR, PCI-DSS, and NIST standards.
5. Technical expertise with identity products, data security controls, detect & response capabilities, vulnerability scanners, and next-gen EDR tools.
6. Experience creating security awareness programs and influencing a security-by-design approach across departments.
7. Experience building or expanding a cyber security function within a complex, international organization is desired.
8. Background in managing security within cloud-based environments, including Azure and GCP.
This wonderful opportunity is based in West London and offers a basic salary up to £120K + package, car allowance, and exceptional bonus potential.
The role requires 4 days a week in the London office with Fridays from home. The offices are exceptional and what you would expect from a leading entertainment group.
#J-18808-Ljbffr